0.8.1

Reviewed-on: #145

.drone.yml

@@ -12,7 +12,7 @@ steps:
     settings:
       restore: true
       mount:
-      - ./vendor
+      - ./vendor/cache
     when:
       branch:
         - master
@@ -20,6 +20,8 @@ steps:
     image: guildeducation/rails:2.7.2-14.20.0
     environment:
       RAILS_ENV: test
+      REDIS_URL: redis://redis:6379/0
+      RS_REDIS_URL: redis://redis:6379/1
     commands:
       - bundle config unset deployment
       - bundle config set cache_all 'true'
@@ -37,11 +39,15 @@ steps:
     settings:
       rebuild: true
       mount:
-      - ./vendor
+      - ./vendor/cache
     when:
       branch:
         - master
 
+services:
+  - name: redis
+    image: redis
+
 volumes:
   - name: cache
     host:

.env.example

@@ -1,3 +1,4 @@
+PRIMARY_DOMAIN=kosmos.org
 AKKOUNTS_DOMAIN=accounts.example.com
 
 SMTP_SERVER=smtp.example.com
@@ -9,22 +10,25 @@ SMTP_DOMAIN=example.com
 SMTP_AUTH_METHOD=plain
 SMTP_ENABLE_STARTTLS=auto
 
-REDIS_URL='redis://localhost:6379/1'
-
 LDAP_HOST=localhost
 LDAP_PORT=389
 LDAP_ADMIN_PASSWORD=passthebutter
 LDAP_SUFFIX='dc=kosmos,dc=org'
 
+REDIS_URL='redis://localhost:6379/1'
+
 WEBHOOKS_ALLOWED_IPS='10.1.1.163'
 
 DISCOURSE_PUBLIC_URL='https://community.kosmos.org'
 DISCOURSE_CONNECT_SECRET='discourse_connect_ftw'
 
+DRONECI_PUBLIC_URL='https://drone.kosmos.org'
+
 GITEA_PUBLIC_URL='https://gitea.kosmos.org'
 MASTODON_PUBLIC_URL='https://kosmos.social'
 MEDIAWIKI_PUBLIC_URL='https://wiki.kosmos.org'
 RS_STORAGE_URL='https://storage.kosmos.org'
+RS_REDIS_URL='redis://localhost:6379/2'
 
 EJABBERD_ADMIN_URL='https://xmpp.kosmos.org/admin'
 EJABBERD_API_URL='https://xmpp.kosmos.org/api'

.env.test

@@ -1,3 +1,7 @@
+PRIMARY_DOMAIN=kosmos.org
+
+REDIS_URL='redis://localhost:6379/0'
+
 DISCOURSE_PUBLIC_URL='http://discourse.example.com'
 DISCOURSE_CONNECT_SECRET='discourse_connect_ftw'
 
@@ -10,5 +14,6 @@ LNDHUB_PUBLIC_URL='https://lndhub.kosmos.org'
 LNDHUB_PUBLIC_KEY='024cd3be18617f39cf645851e3ba63f51fc13f0bb09e3bb25e6fd4de556486d946'
 
 RS_STORAGE_URL='https://storage.kosmos.org'
+RS_REDIS_URL='redis://localhost:6379/1'
 
 WEBHOOKS_ALLOWED_IPS='10.1.1.23'

.gitea/release-drafter.yml

@@ -7,6 +7,7 @@ version-resolver:
   minor:
     labels:
       - 'release/minor'
+      - 'feature'
   patch:
     labels:
       - 'release/patch'

.gitignore

@@ -39,6 +39,7 @@ yarn-debug.log*
 
 # Ignore local dotenv config file
 .env
+.env.development
 
 # Ignore redis dumps from sidekiq
 dump.rdb

Dockerfile

@@ -9,9 +9,9 @@ RUN curl -fsSL https://deb.nodesource.com/setup_lts.x | bash -
 RUN apt-get update && apt-get install -y nodejs
 
 WORKDIR /akkounts
-COPY Gemfile /akkounts/Gemfile
-COPY Gemfile.lock /akkounts/Gemfile.lock
-COPY package.json /akkounts/package.json
+
+COPY ["Gemfile", "Gemfile.lock", "package.json", "./"]
+
 RUN bundle install
 RUN gem install foreman
 RUN npm install -g yarn

Gemfile

@@ -51,17 +51,20 @@ gem 'faraday'
 gem 'sidekiq', '< 7'
 gem 'sidekiq-scheduler'
 
-# Service integrations
-gem 'discourse_api'
-
 # Monitoring
 gem "sentry-ruby"
 gem "sentry-rails"
 
+# Services
+gem 'discourse_api'
+gem "lnurl"
+gem 'nostr', git: 'https://gitea.kosmos.org/kosmos/nostr-gem.git', branch: 'feature/ruby_2.7_compat'
+
 group :development, :test do
   # Use sqlite3 as the database for Active Record
   gem 'sqlite3', '~> 1.4'
   gem 'rspec-rails'
+  gem 'rails-controller-testing'
   gem "byebug", "~> 11.1"
 end
 

Gemfile.lock

@@ -1,81 +1,98 @@
+GIT
+  remote: https://gitea.kosmos.org/kosmos/nostr-gem.git
+  revision: 596529d9eb50d13b3f385245636698fccf37b442
+  branch: feature/ruby_2.7_compat
+  specs:
+    nostr (0.4.0)
+      bech32 (~> 1.3)
+      bip-schnorr (~> 0.4)
+      ecdsa (~> 1.2)
+      event_emitter (~> 0.2)
+      faye-websocket (~> 0.11)
+      json (~> 2.6)
+
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (7.0.4)
-      actionpack (= 7.0.4)
-      activesupport (= 7.0.4)
+    actioncable (7.0.5)
+      actionpack (= 7.0.5)
+      activesupport (= 7.0.5)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (7.0.4)
-      actionpack (= 7.0.4)
-      activejob (= 7.0.4)
-      activerecord (= 7.0.4)
-      activestorage (= 7.0.4)
-      activesupport (= 7.0.4)
+    actionmailbox (7.0.5)
+      actionpack (= 7.0.5)
+      activejob (= 7.0.5)
+      activerecord (= 7.0.5)
+      activestorage (= 7.0.5)
+      activesupport (= 7.0.5)
       mail (>= 2.7.1)
       net-imap
       net-pop
       net-smtp
-    actionmailer (7.0.4)
-      actionpack (= 7.0.4)
-      actionview (= 7.0.4)
-      activejob (= 7.0.4)
-      activesupport (= 7.0.4)
+    actionmailer (7.0.5)
+      actionpack (= 7.0.5)
+      actionview (= 7.0.5)
+      activejob (= 7.0.5)
+      activesupport (= 7.0.5)
       mail (~> 2.5, >= 2.5.4)
       net-imap
       net-pop
       net-smtp
       rails-dom-testing (~> 2.0)
-    actionpack (7.0.4)
-      actionview (= 7.0.4)
-      activesupport (= 7.0.4)
-      rack (~> 2.0, >= 2.2.0)
+    actionpack (7.0.5)
+      actionview (= 7.0.5)
+      activesupport (= 7.0.5)
+      rack (~> 2.0, >= 2.2.4)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (7.0.4)
-      actionpack (= 7.0.4)
-      activerecord (= 7.0.4)
-      activestorage (= 7.0.4)
-      activesupport (= 7.0.4)
+    actiontext (7.0.5)
+      actionpack (= 7.0.5)
+      activerecord (= 7.0.5)
+      activestorage (= 7.0.5)
+      activesupport (= 7.0.5)
       globalid (>= 0.6.0)
       nokogiri (>= 1.8.5)
-    actionview (7.0.4)
-      activesupport (= 7.0.4)
+    actionview (7.0.5)
+      activesupport (= 7.0.5)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activejob (7.0.4)
-      activesupport (= 7.0.4)
+    activejob (7.0.5)
+      activesupport (= 7.0.5)
       globalid (>= 0.3.6)
-    activemodel (7.0.4)
-      activesupport (= 7.0.4)
-    activerecord (7.0.4)
-      activemodel (= 7.0.4)
-      activesupport (= 7.0.4)
-    activestorage (7.0.4)
-      actionpack (= 7.0.4)
-      activejob (= 7.0.4)
-      activerecord (= 7.0.4)
-      activesupport (= 7.0.4)
+    activemodel (7.0.5)
+      activesupport (= 7.0.5)
+    activerecord (7.0.5)
+      activemodel (= 7.0.5)
+      activesupport (= 7.0.5)
+    activestorage (7.0.5)
+      actionpack (= 7.0.5)
+      activejob (= 7.0.5)
+      activerecord (= 7.0.5)
+      activesupport (= 7.0.5)
       marcel (~> 1.0)
       mini_mime (>= 1.1.0)
-    activesupport (7.0.4)
+    activesupport (7.0.5)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
       tzinfo (~> 2.0)
-    addressable (2.8.1)
+    addressable (2.8.4)
       public_suffix (>= 2.0.2, < 6.0)
     ast (2.4.2)
     backport (1.2.0)
     bcrypt (3.1.18)
+    bech32 (1.3.0)
+      thor (>= 1.1.0)
     benchmark (0.2.1)
     bindex (0.8.1)
+    bip-schnorr (0.6.0)
+      ecdsa_ext (~> 0.5.0)
     builder (3.2.4)
     byebug (11.1.3)
-    capybara (3.38.0)
+    capybara (3.39.2)
       addressable
       matrix
       mini_mime (>= 0.1.3)
@@ -85,20 +102,21 @@ GEM
       regexp_parser (>= 1.5, < 3.0)
       xpath (~> 3.2)
     chunky_png (1.4.0)
-    concurrent-ruby (1.1.10)
-    connection_pool (2.3.0)
+    concurrent-ruby (1.2.2)
+    connection_pool (2.4.1)
     crack (0.4.5)
       rexml
     crass (1.0.6)
-    cssbundling-rails (1.1.1)
+    cssbundling-rails (1.1.2)
       railties (>= 6.0.0)
-    database_cleaner (2.0.1)
-      database_cleaner-active_record (~> 2.0.0)
-    database_cleaner-active_record (2.0.1)
+    database_cleaner (2.0.2)
+      database_cleaner-active_record (>= 2, < 3)
+    database_cleaner-active_record (2.1.0)
       activerecord (>= 5.a)
       database_cleaner-core (~> 2.0.0)
     database_cleaner-core (2.0.1)
-    devise (4.9.0)
+    date (3.3.3)
+    devise (4.9.2)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0)
@@ -108,7 +126,7 @@ GEM
       devise (>= 3.4.1)
       net-ldap (>= 0.16.0)
     diff-lcs (1.5.0)
-    discourse_api (2.0.0)
+    discourse_api (2.0.1)
       faraday (~> 2.7)
       faraday-follow_redirects
       faraday-multipart
@@ -118,17 +136,22 @@ GEM
       dotenv (= 2.8.1)
       railties (>= 3.2)
     e2mmap (0.1.0)
-    erubi (1.11.0)
+    ecdsa (1.2.0)
+    ecdsa_ext (0.5.0)
+      ecdsa (~> 1.2.0)
+    erubi (1.12.0)
     et-orbi (1.2.7)
       tzinfo
+    event_emitter (0.2.6)
+    eventmachine (1.2.7)
     factory_bot (6.2.1)
       activesupport (>= 5.0.0)
     factory_bot_rails (6.2.0)
       factory_bot (~> 6.2.0)
       railties (>= 5.0.0)
-    faker (3.0.0)
+    faker (3.2.0)
       i18n (>= 1.8.11, < 2)
-    faraday (2.7.1)
+    faraday (2.7.6)
       faraday-net_http (>= 2.0, < 3.1)
       ruby2_keywords (>= 0.0.4)
     faraday-follow_redirects (0.3.0)
@@ -136,6 +159,9 @@ GEM
     faraday-multipart (1.0.4)
       multipart-post (~> 2)
     faraday-net_http (3.0.2)
+    faye-websocket (0.11.2)
+      eventmachine (>= 0.12.0)
+      websocket-driver (>= 0.5.1)
     ffi (1.15.5)
     flipper (0.28.0)
       concurrent-ruby (< 2)
@@ -148,18 +174,18 @@ GEM
       rack (>= 1.4, < 3)
       rack-protection (>= 1.5.3, <= 4.0.0)
       sanitize (< 7)
-    fugit (1.7.2)
+    fugit (1.8.1)
       et-orbi (~> 1, >= 1.2.7)
       raabro (~> 1.4)
-    globalid (1.0.0)
+    globalid (1.1.0)
       activesupport (>= 5.0)
     hashdiff (1.0.1)
-    i18n (1.12.0)
+    i18n (1.14.1)
       concurrent-ruby (~> 1.0)
-    importmap-rails (1.1.5)
+    importmap-rails (1.1.6)
       actionpack (>= 6.0.0)
       railties (>= 6.0.0)
-    jaro_winkler (1.5.4)
+    jaro_winkler (1.5.6)
     jbuilder (2.11.5)
       actionview (>= 5.0.0)
       activesupport (>= 5.0.0)
@@ -168,8 +194,8 @@ GEM
       rexml
     kramdown-parser-gfm (1.1.0)
       kramdown (~> 2.0)
-    launchy (2.5.0)
-      addressable (~> 2.7)
+    launchy (2.5.2)
+      addressable (~> 2.8)
     letter_opener (1.8.1)
       launchy (>= 2.2, < 3)
     letter_opener_web (2.0.0)
@@ -177,78 +203,88 @@ GEM
       letter_opener (~> 1.7)
       railties (>= 5.2)
       rexml
-    listen (3.7.1)
+    listen (3.8.0)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
-    lockbox (1.1.0)
-    loofah (2.19.0)
+    lnurl (1.0.1)
+      bech32 (~> 1.1)
+    lockbox (1.2.0)
+    loofah (2.21.3)
       crass (~> 1.0.2)
-      nokogiri (>= 1.5.9)
-    mail (2.7.1)
+      nokogiri (>= 1.12.0)
+    mail (2.8.1)
       mini_mime (>= 0.1.1)
+      net-imap
+      net-pop
+      net-smtp
     marcel (1.0.2)
     matrix (0.4.2)
     method_source (1.0.0)
     mini_mime (1.1.2)
-    mini_portile2 (2.8.0)
-    minitest (5.16.3)
+    minitest (5.18.0)
     multipart-post (2.3.0)
-    net-imap (0.3.1)
+    net-imap (0.3.6)
+      date
       net-protocol
-    net-ldap (0.17.1)
+    net-ldap (0.18.0)
     net-pop (0.1.2)
       net-protocol
-    net-protocol (0.1.3)
+    net-protocol (0.2.1)
       timeout
     net-smtp (0.3.3)
       net-protocol
-    nio4r (2.5.8)
-    nokogiri (1.13.9)
-      mini_portile2 (~> 2.8.0)
+    nio4r (2.5.9)
+    nokogiri (1.15.2-arm64-darwin)
       racc (~> 1.4)
-    nokogiri (1.13.9-x86_64-linux)
+    nokogiri (1.15.2-x86_64-linux)
       racc (~> 1.4)
     orm_adapter (0.5.0)
-    pagy (6.0.2)
-    parallel (1.22.1)
-    parser (3.2.1.1)
+    pagy (6.0.4)
+    parallel (1.23.0)
+    parser (3.2.2.3)
       ast (~> 2.4.1)
+      racc
     pg (1.2.3)
-    public_suffix (5.0.0)
+    public_suffix (5.0.1)
     puma (4.3.12)
       nio4r (~> 2.0)
     raabro (1.4.0)
-    racc (1.6.0)
-    rack (2.2.4)
+    racc (1.7.1)
+    rack (2.2.7)
     rack-protection (3.0.6)
       rack
-    rack-test (2.0.2)
+    rack-test (2.1.0)
       rack (>= 1.3)
-    rails (7.0.4)
-      actioncable (= 7.0.4)
-      actionmailbox (= 7.0.4)
-      actionmailer (= 7.0.4)
-      actionpack (= 7.0.4)
-      actiontext (= 7.0.4)
-      actionview (= 7.0.4)
-      activejob (= 7.0.4)
-      activemodel (= 7.0.4)
-      activerecord (= 7.0.4)
-      activestorage (= 7.0.4)
-      activesupport (= 7.0.4)
+    rails (7.0.5)
+      actioncable (= 7.0.5)
+      actionmailbox (= 7.0.5)
+      actionmailer (= 7.0.5)
+      actionpack (= 7.0.5)
+      actiontext (= 7.0.5)
+      actionview (= 7.0.5)
+      activejob (= 7.0.5)
+      activemodel (= 7.0.5)
+      activerecord (= 7.0.5)
+      activestorage (= 7.0.5)
+      activesupport (= 7.0.5)
       bundler (>= 1.15.0)
-      railties (= 7.0.4)
+      railties (= 7.0.5)
+    rails-controller-testing (1.0.5)
+      actionpack (>= 5.0.1.rc1)
+      actionview (>= 5.0.1.rc1)
+      activesupport (>= 5.0.1.rc1)
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.4.3)
-      loofah (~> 2.3)
+    rails-html-sanitizer (1.6.0)
+      loofah (~> 2.21)
+      nokogiri (~> 1.14)
     rails-settings-cached (2.8.3)
       activerecord (>= 5.0.0)
       railties (>= 5.0.0)
-    railties (7.0.4)
-      actionpack (= 7.0.4)
-      activesupport (= 7.0.4)
+    railties (7.0.5)
+      actionpack (= 7.0.5)
+      activesupport (= 7.0.5)
       method_source
       rake (>= 12.2)
       thor (~> 1.0)
@@ -258,110 +294,107 @@ GEM
     rb-fsevent (0.11.2)
     rb-inotify (0.10.1)
       ffi (~> 1.0)
-    redis (5.0.5)
-      redis-client (>= 0.9.0)
-    redis-client (0.11.2)
-      connection_pool
-    regexp_parser (2.6.1)
+    rbs (2.8.4)
+    redis (4.8.1)
+    regexp_parser (2.8.1)
     responders (3.1.0)
       actionpack (>= 5.2)
       railties (>= 5.2)
     reverse_markdown (2.1.1)
       nokogiri
     rexml (3.2.5)
-    rqrcode (2.1.2)
+    rqrcode (2.2.0)
       chunky_png (~> 1.0)
       rqrcode_core (~> 1.0)
     rqrcode_core (1.2.0)
-    rspec-core (3.12.0)
+    rspec-core (3.12.2)
       rspec-support (~> 3.12.0)
-    rspec-expectations (3.12.0)
+    rspec-expectations (3.12.3)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.12.0)
-    rspec-mocks (3.12.0)
+    rspec-mocks (3.12.5)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.12.0)
-    rspec-rails (6.0.1)
+    rspec-rails (6.0.3)
       actionpack (>= 6.1)
       activesupport (>= 6.1)
       railties (>= 6.1)
-      rspec-core (~> 3.11)
-      rspec-expectations (~> 3.11)
-      rspec-mocks (~> 3.11)
-      rspec-support (~> 3.11)
+      rspec-core (~> 3.12)
+      rspec-expectations (~> 3.12)
+      rspec-mocks (~> 3.12)
+      rspec-support (~> 3.12)
     rspec-support (3.12.0)
-    rubocop (1.48.1)
+    rubocop (1.52.1)
       json (~> 2.3)
       parallel (~> 1.10)
-      parser (>= 3.2.0.0)
+      parser (>= 3.2.2.3)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
       rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.26.0, < 2.0)
+      rubocop-ast (>= 1.28.0, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.28.0)
+    rubocop-ast (1.29.0)
       parser (>= 3.2.1.0)
     ruby-progressbar (1.13.0)
     ruby2_keywords (0.0.5)
-    rufus-scheduler (3.8.2)
+    rufus-scheduler (3.9.1)
       fugit (~> 1.1, >= 1.1.6)
     sanitize (6.0.1)
       crass (~> 1.0.2)
       nokogiri (>= 1.12.0)
-    sentry-rails (5.8.0)
+    sentry-rails (5.9.0)
       railties (>= 5.0)
-      sentry-ruby (~> 5.8.0)
-    sentry-ruby (5.8.0)
+      sentry-ruby (~> 5.9.0)
+    sentry-ruby (5.9.0)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-    sidekiq (6.5.5)
-      connection_pool (>= 2.2.2)
+    sidekiq (6.5.9)
+      connection_pool (>= 2.2.5, < 3)
       rack (~> 2.0)
-      redis (>= 4.5.0)
-    sidekiq-scheduler (4.0.3)
-      redis (>= 4.2.0)
+      redis (>= 4.5.0, < 5)
+    sidekiq-scheduler (5.0.3)
       rufus-scheduler (~> 3.2)
-      sidekiq (>= 4, < 7)
+      sidekiq (>= 6, < 8)
       tilt (>= 1.4.0)
-    solargraph (0.48.0)
+    solargraph (0.49.0)
       backport (~> 1.2)
       benchmark
-      bundler (>= 1.17.2)
+      bundler (~> 2.0)
       diff-lcs (~> 1.4)
       e2mmap
       jaro_winkler (~> 1.5)
       kramdown (~> 2.3)
       kramdown-parser-gfm (~> 1.1)
       parser (~> 3.0)
-      reverse_markdown (>= 1.0.5, < 3)
-      rubocop (>= 0.52)
+      rbs (~> 2.0)
+      reverse_markdown (~> 2.0)
+      rubocop (~> 1.38)
       thor (~> 1.0)
       tilt (~> 2.0)
       yard (~> 0.9, >= 0.9.24)
-    sprockets (4.1.1)
+    sprockets (4.2.0)
       concurrent-ruby (~> 1.0)
-      rack (> 1, < 3)
+      rack (>= 2.2.4, < 4)
     sprockets-rails (3.4.2)
       actionpack (>= 5.2)
       activesupport (>= 5.2)
       sprockets (>= 3.0.0)
-    sqlite3 (1.5.4)
-      mini_portile2 (~> 2.8.0)
-    sqlite3 (1.5.4-x86_64-linux)
+    sqlite3 (1.6.3-arm64-darwin)
+    sqlite3 (1.6.3-x86_64-linux)
     stimulus-rails (1.2.1)
       railties (>= 6.0.0)
-    thor (1.2.1)
-    tilt (2.0.11)
-    timeout (0.3.0)
-    turbo-rails (1.3.2)
+    thor (1.2.2)
+    tilt (2.2.0)
+    timeout (0.3.2)
+    turbo-rails (1.4.0)
       actionpack (>= 6.0.0)
       activejob (>= 6.0.0)
       railties (>= 6.0.0)
-    tzinfo (2.0.5)
+    tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
     unicode-display_width (2.4.2)
-    view_component (2.78.0)
-      activesupport (>= 5.0.0, < 8.0)
+    view_component (3.2.0)
+      activesupport (>= 5.2.0, < 8.0)
       concurrent-ruby (~> 1.0)
       method_source (~> 1.0)
     warden (1.2.9)
@@ -375,18 +408,16 @@ GEM
       addressable (>= 2.8.0)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
-    webrick (1.7.0)
     websocket-driver (0.7.5)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.5)
     xpath (3.2.0)
       nokogiri (~> 1.8)
-    yard (0.9.28)
-      webrick (~> 1.7.0)
-    zeitwerk (2.6.6)
+    yard (0.9.34)
+    zeitwerk (2.6.8)
 
 PLATFORMS
-  ruby
+  arm64-darwin-22
   x86_64-linux
 
 DEPENDENCIES
@@ -409,12 +440,15 @@ DEPENDENCIES
   letter_opener
   letter_opener_web
   listen (~> 3.2)
+  lnurl
   lockbox
   net-ldap
+  nostr!
   pagy (~> 6.0, >= 6.0.2)
   pg (~> 1.2.3)
   puma (~> 4.1)
   rails (~> 7.0.2)
+  rails-controller-testing
   rails-settings-cached (~> 2.8.3)
   rqrcode (~> 2.0)
   rspec-rails

README.md

@@ -14,7 +14,6 @@ so:
 
 1. Make sure [Docker Compose is installed][1] and Docker is running (included in
    Docker Desktop)
-2. Uncomment the `redis`, `web`, and `sidekiq` sections in `docker-compose.yml`
 3. Run `docker compose up` and wait until 389ds announces its successful start
    in the log output
 4. `docker-compose exec ldap dsconf localhost backend create --suffix="dc=kosmos,dc=org" --be-name="dev"`
@@ -53,12 +52,14 @@ Running all specs:
 
 ### Docker (Compose)
 
-There is a working Docker Compose config file, which allows you to spin up both
+There is a working Docker Compose config file, which define a number of services including
 an app server for Rails as well as a local 389ds (LDAP) server.
 
-By default, `docker-compose up` will only start the LDAP server, listening on
-port 389 on your machine. Uncomment other services in `docker-compose.yml` if
-you want to use them.
+For Rails developers, you probably just want to start the LDAP server: `docker-compose up ldap`, 
+listening on port 389 on your machine. 
+
+You can pick and choose your services adding them by name (listed in `docker-compose.yml`) at 
+the end of the docker compose command. eg. `docker compose up ldap redis`
 
 #### LDAP server
 
@@ -78,6 +79,13 @@ The setup task will first delete any existing entries in the directory tree
 Note that all 389ds data is stored in `tmp/389ds`. So if you want to start over
 with a fresh installation, delete both that directory as well as the container.
 
+### Adding npm modules to use with Stimulus controllers
+
+The following command downloads the specified npm module to `vendor/javascript`
+and adds an entry for it to `config/importmap.rb`.
+
+    bin/importmap pin bech32 --download
+
 ### Solargraph
 
 [Solargraph](https://solargraph.org/) is a Ruby language server, which you may
@@ -98,6 +106,8 @@ command:
 
 * [Tailwind CSS](https://tailwindcss.com/)
 * [Sass](https://sass-lang.com/documentation)
+* [Stimulus](https://stimulus.hotwired.dev/handbook/)
+* [Tailwind Stimulus Components](https://github.com/excid3/tailwindcss-stimulus-components)
 
 ### Testing
 

app/assets/config/manifest.js

@@ -1,3 +1,4 @@
 //= link_tree ../images
 //= link_tree ../../javascript .js
 //= link_tree ../builds
+//= link_tree ../../../vendor/javascript .js

app/assets/stylesheets/application.tailwind.css

@@ -2,6 +2,7 @@
 @import "tailwindcss/components";
 @import "tailwindcss/utilities";
 
+@import "components/animations";
 @import "components/base";
 @import "components/buttons";
 @import "components/dashboard_services";

app/assets/stylesheets/components/animations.css

@@ -0,0 +1,16 @@
+@keyframes scaleIn {
+  from {
+    transform: scale(0.5);
+    opacity: 0;
+  }
+  to {
+    transform: scale(1);
+    opacity: 1;
+  }
+}
+
+.animate-scale-in {
+  animation-name: scaleIn;
+  animation-duration: 0.15s;
+  animation-timing-function: cubic-bezier(0.2, 0, 0.13, 1);
+}

app/assets/stylesheets/components/base.css

@@ -24,6 +24,10 @@
     @apply text-xl mb-6;
   }
 
+  h4 {
+    @apply font-bold mb-4 leading-6;
+  }
+
   main section {
     @apply pt-8 sm:pt-12;
   }

app/assets/stylesheets/components/buttons.css

@@ -15,7 +15,11 @@
   }
 
   .btn-icon {
-    @apply px-3;
+    @apply py-2 px-3;
+  }
+
+  .btn-outline {
+    @apply py-2 border-2 border-gray-100 hover:bg-gray-100;
   }
 
   .btn-gray {
@@ -32,4 +36,9 @@
     @apply bg-red-600 hover:bg-red-700 text-white
            focus:ring-red-500 focus:ring-opacity-75;
   }
+
+  .btn:disabled {
+    @apply bg-gray-100 hover:bg-gray-200 text-gray-400
+           focus:ring-gray-300 focus:ring-opacity-75;
+  }
 }

app/assets/stylesheets/components/forms.css

@@ -15,6 +15,10 @@
     @apply border-b-red-600;
   }
 
+  .field_with_errors {
+    @apply inline-block;
+  }
+
   .error-msg {
     @apply text-red-700;
   }

app/components/app_info_component.html.erb

@@ -0,0 +1,15 @@
+<div class="flex">
+  <div class="<%= @icon_container_class %>">
+    <%= image_tag(@icon_path, class: 'h-full w-full') %>
+  </div>
+  <div class="flex-1 px-4">
+    <h4 class="sm:pt-2 mb-2 text-lg font-bold"><%= @name %></h4>
+    <p class="leading-snug"><%= @description %></p>
+    <p class="leading-snug flex flex-wrap gap-3">
+      <% @links.each do |link| %>
+        <a href="<%= link[1] %>" target="_blank"
+           class="flex-0 btn-sm btn-gray"><%= link[0] %></a>
+      <% end %>
+    </p>
+  </div>
+</div>

app/components/app_info_component.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+class AppInfoComponent < ViewComponent::Base
+  def initialize(name:, description:, icon_path: , icon_fill_box: false, links: [])
+    @name = name
+    @description = description
+    @icon_path = icon_path
+    @icon_container_class = icon_container_class(icon_fill_box)
+    @links = links
+  end
+
+  def icon_container_class(icon_fill_box)
+    str = "flex-0 h-16 w-16 sm:h-28 sm:w-28 bg-white rounded-3xl overflow-hidden"
+    unless icon_fill_box
+      str += " p-2 border border-gray-200"
+    end
+    str
+  end
+end

app/components/form_elements/fieldset_component.html.erb

@@ -1,4 +1,6 @@
-<%= tag.public_send(@tag, class: "mb-6 last:mb-0") do %>
+<%= tag.public_send(@tag, class: "mb-6 last:mb-0", data: {
+      :'field-name' => @field_name
+    }) do %>
   <% if @positioning == :vertical %>
   <label class="block">
     <p class="font-bold <%= @descripton.present? ? "mb-1" : "mb-2" %>">
@@ -9,7 +11,21 @@
       <%= @descripton %>
     </p>
     <% end %>
-    <%= content %>
+
+    <%= tag.p class: "flex gap-x-1", data: {
+                controller: @resettable ? "settings--resettable-field" : nil,
+              } do %>
+      <%= content %>
+      <% if @resettable %>
+        <button type="button"
+                class="relative grow-0 shrink-0 btn-md btn-outline text-red-700"
+                title="Reset to default value"
+                data-settings--resettable-field-target="resetButton"
+                data-action="settings--resettable-field#resetField">
+          Reset
+        </button>
+      <% end %>
+    <% end %>
   </label>
   <% elsif @positioning == :horizontal %>
   <label class="block flex items-center justify-between">

app/components/form_elements/fieldset_component.rb

@@ -2,11 +2,15 @@
 
 module FormElements
   class FieldsetComponent < ViewComponent::Base
-    def initialize(tag: "li", positioning: :vertical, title:, description: nil)
+    def initialize(tag: "li", positioning: :vertical,
+                   title:, description: nil,
+                   field_name: nil, resettable: false)
       @tag         = tag
       @positioning = positioning
       @title       = title
       @descripton  = description
+      @field_name  = field_name
+      @resettable  = resettable
     end
   end
 end

app/components/form_elements/fieldset_resettable_setting_component.html.erb

@@ -0,0 +1,13 @@
+<%= render FormElements::FieldsetComponent.new(
+      title: @title,
+      description: @description,
+      field_name: "setting_#{@key.to_s}",
+      resettable: @resettable
+    ) do %>
+  <%= method("#{@type}_field").call :setting, @key,
+    value: Setting.public_send(@key),
+    data: {
+      :'default-value' => Setting.get_field(@key)[:default]
+    },
+    class: "w-full" %>
+<% end %>

app/components/form_elements/fieldset_resettable_setting_component.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module FormElements
+  class FieldsetResettableSettingComponent < ViewComponent::Base
+    def initialize(tag: "li", key:, type: :text, title:, description: nil)
+      @tag         = tag
+      @positioning = :vertical
+      @title       = title
+      @descripton  = description
+      @key         = key.to_sym
+      @type        = type
+      @resettable  = is_resettable?(@key)
+    end
+
+    def is_resettable?(key)
+      default_value = Setting.get_field(key)[:default]
+      default_value.present? && (default_value != Setting.send(key))
+    end
+  end
+end

app/components/modal_component.html.erb

@@ -0,0 +1,28 @@
+<div tabindex="-1" class="relative z-10">
+  <!-- Modal Background -->
+  <div class="hidden fixed inset-0 bg-black bg-opacity-80 overflow-y-auto flex items-center justify-center"
+        data-modal-target="background"
+        data-action="click->modal#closeBackground"
+        data-transition-enter="transition-all ease-in-out duration-100"
+        data-transition-enter-from="bg-opacity-0"
+        data-transition-enter-to="bg-opacity-80"
+        data-transition-leave="transition-all ease-in-out duration-100"
+        data-transition-leave-from="bg-opacity-80"
+        data-transition-leave-to="bg-opacity-0">
+
+    <!-- Modal Container -->
+    <div data-modal-target="container"
+         class="max-h-screen w-auto max-w-lg relative
+                hidden animate-scale-in fixed inset-0 overflow-y-auto flex items-center justify-center">
+      <!-- Modal Card -->
+      <div class="m-1 bg-white rounded shadow">
+        <div class="p-8">
+          <%= content %>
+          <div class="flex justify-end items-center flex-wrap mt-6">
+            <button class="btn-md btn-blue" data-action="click->modal#close:prevent">Close</button>
+          </div>
+        </div>
+      </div>
+    </div>
+  </div>
+</div>

app/components/modal_component.rb

@@ -0,0 +1,2 @@
+class ModalComponent < ViewComponent::Base
+end

app/components/qr_code_modal_component.html.erb

@@ -0,0 +1,6 @@
+<%= render ModalComponent.new do %>
+  <% if @descripton.present? %>
+    <p class="mb-6"><%= @description %></p>
+  <% end %>
+  <p><%= raw @qr_code_svg %></p>
+<% end %>

app/components/qr_code_modal_component.rb

@@ -0,0 +1,24 @@
+require "rqrcode"
+
+class QrCodeModalComponent < ViewComponent::Base
+  def initialize(qr_content:, description: nil)
+    @description = description
+    @qr_code_svg = qr_code_svg(qr_content)
+  end
+
+  private
+
+  def qr_code_svg(content)
+    qr_code = RQRCode::QRCode.new(content)
+    qr_code.as_svg(
+      color: "000",
+      shape_rendering: "crispEdges",
+      module_size: 6,
+      standalone: true,
+      use_path: true,
+      svg_attributes: {
+        class: 'inline-block'
+      }
+    )
+  end
+end

app/controllers/admin/users_controller.rb

@@ -4,7 +4,7 @@ class Admin::UsersController < Admin::BaseController
 
   def index
     ldap   = LdapService.new
-    @ou    = params[:ou] || "kosmos.org"
+    @ou    = params[:ou] || Setting.primary_domain
     @orgs  = ldap.fetch_organizations
     @pagy, @users = pagy(User.where(ou: @ou).order(cn: :asc))
 

app/controllers/dashboard_controller.rb

@@ -1,5 +1,5 @@
 class DashboardController < ApplicationController
-  before_action :authenticate_user!
+  before_action :require_user_signed_in
 
   def index
     @current_section = :services

app/controllers/rs/oauth_controller.rb

@@ -0,0 +1,145 @@
+class Rs::OauthController < ApplicationController
+  before_action :require_signed_in_with_username, only: :new
+  before_action :authenticate_user!, only: :create
+
+  def new
+    username, org  = params[:useraddress].split("@")
+    @user          = User.where(cn: username.downcase, ou: org).first
+    @scopes        = parse_scopes params[:scope]
+    @redirect_uri  = params[:redirect_uri]
+    @client_id     = params[:client_id]
+    @state         = params[:state]
+    @root_access_requested = (@scopes & [":r",":rw"]).any?
+
+    @denial_url = url_with_state("#{@redirect_uri}#error=access_denied", @state)
+
+    @expire_at_dates = [["Never", nil],
+                        ["In 1 month", 1.month.from_now],
+                        ["In 1 day", 1.day.from_now]]
+
+    http_status :bad_request and return unless @redirect_uri.present?
+
+    unless current_user == @user
+      sign_out :user
+
+      redirect_to new_rs_oauth_url(@user.address,
+                                   scope: params[:scope],
+                                   redirect_uri: params[:redirect_uri],
+                                   client_id: params[:client_id],
+                                   state: params[:state])
+      return
+    end
+
+    unless @client_id.present?
+      redirect_to(url_with_state("#{@redirect_uri}#error=invalid_request", @state),
+                  allow_other_host: true) and return
+    end
+
+    if @scopes.empty?
+      redirect_to(url_with_state("#{@redirect_uri}#error=invalid_scope", @state),
+                  allow_other_host: true) and return
+    end
+
+    unless hostname_of(@client_id) == hostname_of(@redirect_uri)
+      redirect_to(url_with_state("#{@redirect_uri}#error=invalid_client", @state),
+                  allow_other_host: true) and return
+    end
+
+    @client_id.gsub!(/http(s)?:\/\//, "")
+
+    if auth = current_user.remote_storage_authorizations.valid.where(permissions: @scopes, client_id: @client_id).first
+      redirect_to(url_with_state("#{@redirect_uri}#access_token=#{auth.token}", @state),
+                  allow_other_host: true) and return
+    end
+  end
+
+  def create
+    unless current_user.id.to_s == params[:user_id]
+      Rails.logger.info("NO MATCH: #{params[:user_id]}, #{current_user.id}")
+      http_status :forbidden and return
+    end
+
+    permissions  = parse_scopes params[:scope]
+    redirect_uri = params[:redirect_uri].presence
+    client_id    = params[:client_id].presence
+    state        = params[:state].presence
+    expire_at    = params[:expire_at].presence
+
+    http_status :bad_request and return unless redirect_uri.present?
+
+    if permissions.empty?
+      redirect_to(url_with_state("#{redirect_uri}#error=invalid_scope", state),
+                  allow_other_host: true) and return
+    end
+
+    unless client_id.present?
+      redirect_to(url_with_state("#{redirect_uri}#error=invalid_request", state),
+                  allow_other_host: true) and return
+    end
+
+    unless hostname_of(client_id) == hostname_of(redirect_uri)
+      redirect_to(url_with_state("#{redirect_uri}#error=invalid_client", state),
+                  allow_other_host: true) and return
+    end
+
+    client_id.gsub!(/http(s)?:\/\//, "")
+
+    auth = current_user.remote_storage_authorizations.create!(
+      permissions: permissions,
+      client_id: client_id,
+      redirect_uri: redirect_uri,
+      app_name: client_id, #TODO use user-defined name
+      expire_at: expire_at
+    )
+
+    redirect_to url_with_state("#{redirect_uri}#access_token=#{auth.token}", state),
+                allow_other_host: true
+  end
+
+  # GET /rs/oauth/token/:id/launch_app
+  def launch_app
+    auth = current_user.remote_storage_authorizations.find(params[:id])
+
+    redirect_to app_auth_url(auth), allow_other_host: true
+  end
+
+  private
+
+  def require_signed_in_with_username
+    unless user_signed_in?
+      username, org = params[:useraddress].split("@")
+      redirect_to new_user_session_path(cn: username, ou: org)
+    end
+  end
+
+  def app_auth_url(auth)
+    url = "#{auth.url}#remotestorage=#{current_user.address}"
+    url += "&access_token=#{auth.token}"
+    url
+  end
+
+  def hostname_of(uri)
+    uri.gsub(/http(s)?:\/\//, "").split(":")[0].split("/")[0]
+  end
+
+  def parse_scopes(scope_string)
+    return [] if scope_string.blank?
+
+    scopes = scope_string.
+      gsub(/\[|\]/, "").
+      gsub(/\,/, " ").
+      gsub(/\/:/, ":").
+      split(/\s/).map(&:strip).
+      reject(&:empty?)
+
+    scopes = [":r"] if scopes.include?("*:r")
+    scopes = [":rw"] if scopes.include?("*:rw")
+
+    scopes
+  end
+
+  def url_with_state(url, state)
+    state ? "#{url}&state=#{CGI.escape(state)}" : url
+  end
+
+end

app/controllers/services/base_controller.rb

@@ -0,0 +1,9 @@
+class Services::BaseController < ApplicationController
+  before_action :set_current_section
+
+  private
+
+    def set_current_section
+      @current_section = :services
+    end
+end

app/controllers/services/chat_controller.rb

@@ -0,0 +1,14 @@
+class Services::ChatController < Services::BaseController
+  before_action :authenticate_user!
+  before_action :require_service_available
+
+  def show
+    @service_enabled = current_user.services_enabled.include?(:xmpp)
+  end
+
+  private
+
+    def require_service_available
+      http_status :not_found unless Setting.ejabberd_enabled?
+    end
+end

app/controllers/services/lightning_controller.rb

@@ -1,4 +1,5 @@
 require "rqrcode"
+require "lnurl"
 
 class Services::LightningController < ApplicationController
   before_action :authenticate_user!
@@ -7,25 +8,51 @@ class Services::LightningController < ApplicationController
   before_action :fetch_balance
 
   def index
-    @wallet_url = "lndhub://#{current_user.ln_account}:#{current_user.ln_password}@#{ENV['LNDHUB_PUBLIC_URL']}"
-
-    qrcode = RQRCode::QRCode.new(@wallet_url)
-    @svg = qrcode.as_svg(
-      color: "000",
-      shape_rendering: "crispEdges",
-      module_size: 6,
-      standalone: true,
-      use_path: true,
-      svg_attributes: {
-        class: 'inline-block'
-      }
-    )
+    @wallet_setup_url = "lndhub://#{current_user.ln_account}:#{current_user.ln_password}@#{ENV['LNDHUB_PUBLIC_URL']}"
   end
 
   def transactions
     @transactions = fetch_transactions
   end
 
+  def qr_lnurlp
+    lnurlp_url = "https://kosmos.org/.well-known/lnurlp/#{current_user.cn}"
+    lnurlp_bech32 = Lnurl.new(lnurlp_url).to_bech32
+    qr_code = RQRCode::QRCode.new("lightning:" + lnurlp_bech32)
+
+    respond_to do |format|
+      format.svg do
+        qr_svg = qr_code.as_svg(
+          color: "000",
+          shape_rendering: "crispEdges",
+          module_size: 6,
+          standalone: true,
+          use_path: true,
+          svg_attributes: {
+            class: 'inline-block'
+          }
+        )
+        send_data(
+          qr_svg,
+          filename: "bitcoin-lightning-#{current_user.address}.svg",
+          type: "image/svg+xml"
+        )
+      end
+      format.png do
+        qr_png = qr_code.as_png(
+          fill: "white",
+          color: "black",
+          size: 1024,
+        )
+        send_data(
+          qr_png,
+          filename: "bitcoin-lightning-#{current_user.address}.png",
+          type: "image/png"
+        )
+      end
+    end
+  end
+
   private
 
   def authenticate_with_lndhub(options={})
@@ -37,8 +64,8 @@ class Services::LightningController < ApplicationController
       session[:ln_auth_token] = auth_token
       @ln_auth_token = auth_token
     end
-  rescue
-    # TODO add exception tracking
+  rescue => e
+    Sentry.capture_exception(e) if Setting.sentry_enabled?
   end
 
   def set_current_section
@@ -49,9 +76,9 @@ class Services::LightningController < ApplicationController
     lndhub = Lndhub.new
     data = lndhub.balance @ln_auth_token
     @balance = data["BTC"]["AvailableBalance"] rescue nil
-  rescue
+  rescue AuthError
     authenticate_with_lndhub(force_reauth: true)
-    return nil if @fetch_balance_retried
+    raise if @fetch_balance_retried
     @fetch_balance_retried = true
     fetch_balance
   end
@@ -61,9 +88,9 @@ class Services::LightningController < ApplicationController
     txs = lndhub.gettxs @ln_auth_token
     invoices = lndhub.getuserinvoices(@ln_auth_token).select{|i| i["ispaid"]}
     process_transactions(txs + invoices)
-  rescue
+  rescue AuthError
     authenticate_with_lndhub(force_reauth: true)
-    return [] if @fetch_transactions_retried
+    raise if @fetch_transactions_retried
     @fetch_transactions_retried = true
     fetch_transactions
   end
@@ -86,6 +113,10 @@ class Services::LightningController < ApplicationController
       end
     end
 
+    # Handle an edge case where lndhub.go includes a failed payment in the
+    # list, which wasn't actually booked
+    txs.reject!{ |tx| tx["type"] == "paid_invoice" && tx["payment_preimage"].blank? }
+
     txs.sort{ |a,b| b["datetime"] <=> a["datetime"] }
   end
 end

app/controllers/services/mastodon_controller.rb

@@ -0,0 +1,14 @@
+class Services::MastodonController < Services::BaseController
+  before_action :authenticate_user!
+  before_action :require_service_available
+
+  def show
+    @service_enabled = current_user.services_enabled.include?(:mastodon)
+  end
+
+  private
+
+    def require_service_available
+      http_status :not_found unless Setting.mastodon_enabled?
+    end
+end

app/controllers/services/remotestorage_controller.rb

@@ -1,8 +1,7 @@
-class Services::RemotestorageController < ApplicationController
-  before_action :require_user_signed_in
-  before_action :require_service_enabled
+class Services::RemotestorageController < Services::BaseController
+  before_action :authenticate_user!
   before_action :require_feature_enabled
-  before_action :set_current_section
+  before_action :require_service_available
 
   def dashboard
     # unless current_user.services_enabled.include?(:remotestorage)
@@ -18,13 +17,7 @@ class Services::RemotestorageController < ApplicationController
       end
     end
 
-    def require_service_enabled
-      unless Setting.remotestorage_enabled?
-        http_status :not_found
-      end
-    end
-
-    def set_current_section
-      @current_section = :services
+    def require_service_available
+      http_status :not_found unless Setting.remotestorage_enabled?
     end
 end

app/controllers/settings_controller.rb

@@ -1,3 +1,5 @@
+require 'securerandom'
+
 class SettingsController < ApplicationController
   before_action :authenticate_user!
   before_action :set_main_nav_section
@@ -9,6 +11,9 @@ class SettingsController < ApplicationController
   end
 
   def show
+    if @settings_section == "experiments"
+      session[:shared_secret] ||= SecureRandom.base64(12)
+    end
   end
 
   def update
@@ -53,6 +58,45 @@ class SettingsController < ApplicationController
     redirect_to check_your_email_path, notice: msg
   end
 
+  def set_nostr_pubkey
+    signed_event = nostr_event_params[:signed_event].to_h.symbolize_keys
+    is_valid_id  = NostrManager::ValidateId.call(signed_event)
+    is_valid_sig = NostrManager::VerifySignature.call(signed_event)
+    is_correct_content = signed_event[:content] == "Connect my public key to #{current_user.address} (confirmation #{session[:shared_secret]})"
+
+    unless is_valid_id && is_valid_sig && is_correct_content
+      flash[:alert] = "Public key could not be verified"
+      http_status :unprocessable_entity and return
+    end
+
+    pubkey_taken = User.all_except(current_user).where(
+      ou: current_user.ou, nostr_pubkey: signed_event[:pubkey]
+    ).any?
+
+    if pubkey_taken
+      flash[:alert] = "Public key already in use for a different account"
+      http_status :unprocessable_entity and return
+    end
+
+    current_user.update! nostr_pubkey: signed_event[:pubkey]
+    session[:shared_secret] = nil
+
+    flash[:success] = "Public key verification successful"
+    http_status :ok
+  rescue
+    flash[:alert] = "Public key could not be verified"
+    http_status :unprocessable_entity and return
+  end
+
+  # DELETE /settings/nostr_pubkey
+  def remove_nostr_pubkey
+    current_user.update! nostr_pubkey: nil
+
+    redirect_to setting_path(:experiments), flash: {
+      success: 'Public key removed from account'
+    }
+  end
+
   private
 
     def set_main_nav_section
@@ -61,7 +105,7 @@ class SettingsController < ApplicationController
 
     def set_settings_section
       @settings_section = params[:section]
-      allowed_sections = [:profile, :account, :lightning, :xmpp]
+      allowed_sections = [:profile, :account, :lightning, :xmpp, :experiments]
 
       unless allowed_sections.include?(@settings_section.to_sym)
         redirect_to setting_path(:profile)
@@ -82,4 +126,10 @@ class SettingsController < ApplicationController
     def email_params
       params.require(:user).permit(:email, :current_password)
     end
+
+    def nostr_event_params
+      params.permit(signed_event: [
+        :id, :pubkey, :created_at, :kind, :tags, :content, :sig
+      ])
+    end
 end

app/controllers/signup_controller.rb

@@ -88,7 +88,7 @@ class SignupController < ApplicationController
     if session[:new_user].present?
       @user = User.new(session[:new_user])
     else
-      @user = User.new(ou: "kosmos.org")
+      @user = User.new(ou: Setting.primary_domain)
     end
   end
 
@@ -98,7 +98,7 @@ class SignupController < ApplicationController
 
     CreateAccount.call(
       username: @user.cn,
-      domain: "kosmos.org",
+      domain: Setting.primary_domain,
       email: @user.email,
       password: @user.password,
       invitation: @invitation

app/controllers/webhooks_controller.rb

@@ -30,7 +30,7 @@ class WebhooksController < ApplicationController
   def notify_xmpp(address, amt_sats, memo)
     payload = {
       type: "normal",
-      from: "kosmos.org", # TODO domain config
+      from: Setting.primary_domain,
       to: address,
       subject: "Sats received!",
       body: "#{helpers.number_with_delimiter amt_sats} sats received in your Lightning wallet:\n> #{memo}"

app/controllers/well_known_controller.rb

@@ -0,0 +1,16 @@
+class WellKnownController < ApplicationController
+  def nostr
+    http_status :unprocessable_entity and return if params[:name].blank?
+    domain = request.headers["X-Forwarded-Host"].presence || Setting.primary_domain
+    @user = User.where(cn: params[:name], ou: domain).first
+    http_status :not_found and return if @user.nil? || @user.nostr_pubkey.blank?
+
+    respond_to do |format|
+      format.json do
+        render json: {
+          names: { "#{@user.cn}": @user.nostr_pubkey }
+        }.to_json
+      end
+    end
+  end
+end

app/errors/auth_error.rb

@@ -0,0 +1 @@
+class AuthError < StandardError; end

app/helpers/oauth_helper.rb

@@ -0,0 +1,11 @@
+module OauthHelper
+
+  def scope_name(scope)
+    scope.gsub(/(\:.+)/, '')
+  end
+
+  def scope_permissions(scope)
+    scope.match(/\:r$/) ? "r" : "rw"
+  end
+
+end

app/javascript/controllers/application.js

@@ -1,7 +1,11 @@
 import { Application } from "@hotwired/stimulus"
+import { Modal, Tabs } from "tailwindcss-stimulus-components"
 
 const application = Application.start()
 
+application.register('modal', Modal)
+application.register('tabs', Tabs)
+
 // Configure Stimulus development experience
 application.debug = false
 window.Stimulus   = application

app/javascript/controllers/settings/nostr_pubkey_controller.js

@@ -0,0 +1,65 @@
+import { Controller } from "@hotwired/stimulus"
+import { bech32 } from "bech32"
+
+function hexToBytes (hex) {
+  let bytes = []
+  for (let c = 0; c < hex.length; c += 2) {
+    bytes.push(parseInt(hex.substr(c, 2), 16))
+  }
+  return bytes
+}
+
+// Connects to data-controller="settings--nostr-pubkey"
+export default class extends Controller {
+  static targets = [ "noExtension", "setPubkey", "pubkeyBech32Input" ]
+  static values  = { userAddress: String, pubkeyHex: String, sharedSecret: String }
+
+  connect () {
+    if (this.hasPubkeyHexValue && this.pubkeyHexValue.length > 0) {
+      this.pubkeyBech32InputTarget.value = this.pubkeyBech32
+    }
+
+    if (window.nostr) {
+      if (this.hasSetPubkeyTarget) {
+        this.setPubkeyTarget.disabled = false
+      }
+    } else {
+      this.noExtensionTarget.classList.remove("hidden")
+    }
+  }
+
+  async setPubkey () {
+    this.setPubkeyTarget.disabled = true
+
+    try {
+      const signedEvent = await window.nostr.signEvent({
+        created_at: Math.floor(Date.now() / 1000),
+        kind: 1,
+        tags: [],
+        content: `Connect my public key to ${this.userAddressValue} (confirmation ${this.sharedSecretValue})`
+      })
+
+      const res = await fetch("/settings/set_nostr_pubkey", {
+        method: "POST", credentials: "include", headers: {
+          "Accept": "application/json", 'Content-Type': 'application/json',
+          "X-CSRF-Token": this.csrfToken
+        }, body: JSON.stringify({ signed_event: signedEvent })
+      });
+
+      window.location.reload()
+    } catch (error) {
+      console.warn('Unable to verify pubkey:', error.message)
+      this.setPubkeyTarget.disabled = false
+    }
+  }
+
+  get pubkeyBech32 () {
+    const words = bech32.toWords(hexToBytes(this.pubkeyHexValue))
+    return bech32.encode('npub', words)
+  }
+
+  get csrfToken () {
+    const element = document.head.querySelector('meta[name="csrf-token"]')
+    return element.getAttribute("content")
+  }
+}

app/javascript/controllers/settings/resettable_field_controller.js

@@ -0,0 +1,10 @@
+import { Controller } from "@hotwired/stimulus"
+
+export default class extends Controller {
+  static targets = [ "resetButton" ]
+
+  resetField () {
+    const inputEl = this.element.querySelector('input')
+    inputEl.value = inputEl.dataset.defaultValue
+  }
+}

app/jobs/remote_storage_expire_authorization_job.rb

@@ -0,0 +1,10 @@
+class RemoteStorageExpireAuthorizationJob < ApplicationJob
+  queue_as :remotestorage
+
+  def perform(rs_auth_id)
+    rs_auth = RemoteStorageAuthorization.find rs_auth_id
+    return unless rs_auth.expire_at.nil? || rs_auth.expire_at <= DateTime.now
+
+    rs_auth.destroy!
+  end
+end

app/models/remote_storage_authorization.rb

@@ -0,0 +1,63 @@
+class RemoteStorageAuthorization < ApplicationRecord
+  belongs_to :user
+
+  serialize :permissions
+
+  validates_presence_of :permissions
+  validates_presence_of :client_id
+
+  scope :valid, -> { where(expire_at: nil).or(where(expire_at: (DateTime.now)..)) }
+  scope :expired, -> { where(expire_at: ..(DateTime.now)) }
+
+  after_initialize do |a|
+    a.permissions = [] if a.permissions == nil
+  end
+
+  before_create  :generate_token
+  before_create  :store_token_in_redis
+  after_create   :schedule_token_expiry
+  before_destroy :delete_token_from_redis
+  after_destroy  :remove_token_expiry_job
+
+  def url
+    if self.redirect_uri
+      uri = URI.parse self.redirect_uri
+      "#{uri.scheme}://#{client_id}"
+    else
+      "http://#{client_id}"
+    end
+  end
+
+  def delete_token_from_redis
+    key = "rs:authorizations:#{user.address}:#{token}"
+    redis.srem? key, redis.smembers(key)
+  end
+
+  private
+
+    def redis
+      @redis ||= Redis.new(url: Setting.rs_redis_url)
+    end
+
+    def generate_token(length=16)
+      self.token = SecureRandom.hex(length) if self.token.blank?
+    end
+
+    def store_token_in_redis
+      redis.sadd "rs:authorizations:#{user.address}:#{token}", permissions
+    end
+
+    def schedule_token_expiry
+      return unless expire_at.present?
+      RemoteStorageExpireAuthorizationJob.set(wait_until: expire_at)
+                                         .perform_later(id)
+    end
+
+    def remove_token_expiry_job
+      queue = Sidekiq::Queue.new(RemoteStorageExpireAuthorizationJob.queue_name)
+      queue.each do |job|
+        next unless job.display_class == "RemoteStorageExpireAuthorizationJob"
+        job.delete if job.display_args == [id]
+      end
+    end
+end

app/models/setting.rb

@@ -2,6 +2,9 @@
 class Setting < RailsSettings::Base
   cache_prefix { "v1" }
 
+  field :primary_domain, type: :string,
+    default: ENV["PRIMARY_DOMAIN"].presence
+
   field :accounts_domain, type: :string,
     default: ENV["AKKOUNTS_DOMAIN"].presence
 
@@ -9,7 +12,7 @@ class Setting < RailsSettings::Base
   # Internal services
   #
 
-  field :redis_url, type: :string, readonly: true,
+  field :redis_url, type: :string,
     default: ENV["REDIS_URL"] || "redis://localhost:6379/0"
 
   #
@@ -26,6 +29,7 @@ class Setting < RailsSettings::Base
 
   field :xmpp_default_rooms, type: :array, default: []
   field :xmpp_autojoin_default_rooms, type: :boolean, default: false
+  field :xmpp_notifications_from_address, type: :string, default: primary_domain
 
   #
   # Sentry
@@ -38,15 +42,25 @@ class Setting < RailsSettings::Base
   # Discourse
   #
 
-  field :discourse_public_url, type: :string, readonly: true,
+  field :discourse_public_url, type: :string,
     default: ENV["DISCOURSE_PUBLIC_URL"].presence
 
   field :discourse_enabled, type: :boolean,
     default: (ENV["DISCOURSE_PUBLIC_URL"].present?.to_s || false)
 
-  field :discourse_connect_secret, type: :string, readonly: true,
+  field :discourse_connect_secret, type: :string,
     default: ENV["DISCOURSE_CONNECT_SECRET"].presence
 
+  #
+  # Drone CI
+  #
+
+  field :droneci_public_url, type: :string,
+    default: ENV["DRONECI_PUBLIC_URL"].presence
+
+  field :droneci_enabled, type: :boolean,
+    default: (ENV["DRONECI_PUBLIC_URL"].present?.to_s || false)
+
   #
   # ejabberd
   #
@@ -54,10 +68,10 @@ class Setting < RailsSettings::Base
   field :ejabberd_enabled, type: :boolean,
     default: (ENV["EJABBERD_API_URL"].present?.to_s || false)
 
-  field :ejabberd_api_url, type: :string, readonly: true,
+  field :ejabberd_api_url, type: :string,
     default: ENV["EJABBERD_API_URL"].presence
 
-  field :ejabberd_admin_url, type: :string, readonly: true,
+  field :ejabberd_admin_url, type: :string,
     default: ENV["EJABBERD_ADMIN_URL"].presence
 
   field :ejabberd_buddy_roster, type: :string,
@@ -67,7 +81,7 @@ class Setting < RailsSettings::Base
   # Gitea
   #
 
-  field :gitea_public_url, type: :string, readonly: true,
+  field :gitea_public_url, type: :string,
     default: ENV["GITEA_PUBLIC_URL"].presence
 
   field :gitea_enabled, type: :boolean,
@@ -77,7 +91,7 @@ class Setting < RailsSettings::Base
   # Lightning Network
   #
 
-  field :lndhub_api_url, type: :string, readonly: true,
+  field :lndhub_api_url, type: :string,
     default: ENV["LNDHUB_API_URL"].presence
 
   field :lndhub_enabled, type: :boolean,
@@ -86,7 +100,7 @@ class Setting < RailsSettings::Base
   field :lndhub_admin_enabled, type: :boolean,
     default: (ENV["LNDHUB_ADMIN_UI"] || false)
 
-  field :lndhub_public_key, type: :string, readonly: true,
+  field :lndhub_public_key, type: :string,
     default: (ENV["LNDHUB_PUBLIC_KEY"] || "")
 
   field :lndhub_keysend_enabled, type: :boolean,
@@ -96,17 +110,20 @@ class Setting < RailsSettings::Base
   # Mastodon
   #
 
-  field :mastodon_public_url, type: :string, readonly: true,
+  field :mastodon_public_url, type: :string,
     default: ENV["MASTODON_PUBLIC_URL"].presence
 
   field :mastodon_enabled, type: :boolean,
     default: (ENV["MASTODON_PUBLIC_URL"].present?.to_s || false)
 
+  field :mastodon_address_domain, type: :string,
+    default: ENV["MASTODON_ADDRESS_DOMAIN"].presence || self.primary_domain
+
   #
   # MediaWiki
   #
 
-  field :mediawiki_public_url, type: :string, readonly: true,
+  field :mediawiki_public_url, type: :string,
     default: ENV["MEDIAWIKI_PUBLIC_URL"].presence
 
   field :mediawiki_enabled, type: :boolean,
@@ -127,4 +144,7 @@ class Setting < RailsSettings::Base
 
   field :rs_storage_url, type: :string,
     default: ENV["RS_STORAGE_URL"].presence
+
+  field :rs_redis_url, type: :string,
+    default: ENV["RS_REDIS_URL"] || "redis://localhost:6379/1"
 end

app/models/user.rb

@@ -18,7 +18,9 @@ class User < ApplicationRecord
 
   has_many :accounts, through: :lndhub_user
 
-  validates_uniqueness_of :cn
+  has_many :remote_storage_authorizations
+
+  validates_uniqueness_of :cn, scope: :ou
   validates_length_of :cn, minimum: 3
   validates_format_of :cn, with: /\A([a-z0-9\-])*\z/,
                            if: Proc.new{ |u| u.cn.present? },
@@ -36,8 +38,11 @@ class User < ApplicationRecord
   validates_length_of :display_name, minimum: 3, maximum: 35, allow_blank: true,
                                      if: -> { defined?(@display_name) }
 
-  scope :confirmed, -> { where.not(confirmed_at: nil) }
-  scope :pending,   -> { where(confirmed_at: nil) }
+  validates_uniqueness_of :nostr_pubkey, allow_blank: true
+
+  scope :confirmed,  -> { where.not(confirmed_at: nil) }
+  scope :pending,    -> { where(confirmed_at: nil) }
+  scope :all_except, -> (user) { where.not(id: user) }
 
   has_encrypted :ln_login, :ln_password
 
@@ -67,6 +72,7 @@ class User < ApplicationRecord
       # E-Mail update confirmed
       LdapManager::UpdateEmail.call(self.dn, self.email)
     else
+      # TODO Make configurable
       # E-Mail from signup confirmed (i.e. account activation)
       enable_service %w[ discourse gitea mediawiki xmpp ]
 
@@ -104,6 +110,11 @@ class User < ApplicationRecord
     "#{self.cn}@#{self.ou}"
   end
 
+  def mastodon_address
+    return nil unless Setting.mastodon_enabled?
+    "#{self.cn}@#{Setting.mastodon_address_domain}"
+  end
+
   def valid_attribute?(attribute_name)
     self.valid?
     self.errors[attribute_name].blank?

app/services/create_account.rb

@@ -1,7 +1,7 @@
 class CreateAccount < ApplicationService
   def initialize(args)
     @username   = args[:username]
-    @domain     = args[:ou] || "kosmos.org"
+    @domain     = args[:ou] || Setting.primary_domain
     @email      = args[:email]
     @password   = args[:password]
     @invitation = args[:invitation]

app/services/lndhub.rb

@@ -12,12 +12,7 @@ class Lndhub
     end
 
     res = Faraday.post "#{@base_url}/#{endpoint}", payload.to_json, headers
-
-    if res.status != 200
-      Rails.logger.error "[lndhub] API request failed:"
-      Rails.logger.error res.body
-      #TODO add some kind of exception tracking/notifications
-    end
+    log_error(res) if res.status != 200
 
     JSON.parse(res.body)
   end
@@ -31,7 +26,7 @@ class Lndhub
     data = JSON.parse(res.body)
 
     if data.is_a?(Hash) && data["error"] && data["message"] == "bad auth"
-      raise "BAD_AUTH"
+      raise AuthError
     else
       data
     end
@@ -68,4 +63,13 @@ class Lndhub
 
     invoice["payment_request"]
   end
+
+  def log_error(res)
+    Rails.logger.error "[lndhub] API request failed:"
+    Rails.logger.error res.body
+
+    if Setting.sentry_enabled?
+      Sentry.capture_message("Lndhub API request failed: #{res.body}")
+    end
+  end
 end

app/services/lndhub_v2.rb

@@ -1,9 +1,4 @@
-class LndhubV2
-  attr_accessor :auth_token
-
-  def initialize
-    @base_url = ENV["LNDHUB_API_URL"]
-  end
+class LndhubV2 < Lndhub
 
   def post(endpoint, payload, options={})
     headers = { "Content-Type" => "application/json" }
@@ -12,64 +7,12 @@ class LndhubV2
     elsif options[:admin_token]
       headers.merge!({ "Authorization" => "Bearer #{options[:admin_token]}" })
     end
-
     res = Faraday.post "#{@base_url}/#{endpoint}", payload.to_json, headers
-
-    if res.status != 200
-      Rails.logger.error "[lndhub] API request failed:"
-      Rails.logger.error res.body
-      #TODO add some kind of exception tracking/notifications
-    end
+    log_error(res) if res.status != 200
 
     JSON.parse(res.body)
   end
 
-  def get(endpoint, auth_token)
-    res = Faraday.get("#{@base_url}/#{endpoint}", {}, {
-      "Content-Type" => "application/json",
-      "Accept" => "application/json",
-      "Authorization" => "Bearer #{auth_token}"
-    })
-
-    JSON.parse(res.body)
-  end
-
-  def create(payload)
-    post "create", payload
-  end
-
-  def authenticate(user)
-    credentials = post "auth?type=auth", { login: user.ln_account, password: user.ln_password }
-    self.auth_token = credentials["access_token"]
-    self.auth_token
-  end
-
-  def balance(user_token=nil)
-    get "balance", user_token || auth_token
-  end
-
-  def gettxs(user_token)
-    get "gettxs", user_token || auth_token
-  end
-
-  def getuserinvoices(user_token)
-    get "getuserinvoices", user_token || auth_token
-  end
-
-  def addinvoice(payload)
-    invoice = post "addinvoice", {
-      amt: payload[:amount],
-      memo: payload[:memo],
-      description_hash: payload[:description_hash]
-    }
-
-    invoice["payment_request"]
-  end
-
-  #
-  # V2
-  #
-
   def create_account(payload={})
     post "v2/users", payload, admin_token: Rails.application.credentials.lndhub[:admin_token]
   end
@@ -78,4 +21,5 @@ class LndhubV2
     # Payload: { amount: 1000, description: "", description_hash: "" }
     post "v2/invoices", payload
   end
+
 end

app/services/nostr_manager/validate_id.rb

@@ -0,0 +1,11 @@
+module NostrManager
+  class ValidateId < NostrManagerService
+    def initialize(event)
+      @event = Nostr::Event.new(**event)
+    end
+
+    def call
+      @event.id == Digest::SHA256.hexdigest(JSON.generate(@event.serialize))
+    end
+  end
+end

app/services/nostr_manager/verify_signature.rb

@@ -0,0 +1,17 @@
+module NostrManager
+  class VerifySignature < NostrManagerService
+    def initialize(event)
+      @event = Nostr::Event.new(**event)
+    end
+
+    def call
+      Schnorr.check_sig!(
+        [@event.id].pack('H*'),
+        [@event.pubkey].pack('H*'),
+        [@event.sig].pack('H*')
+      )
+    rescue Schnorr::InvalidSignatureError
+      false
+    end
+  end
+end

app/services/nostr_manager_service.rb

@@ -0,0 +1,4 @@
+require "nostr"
+
+class NostrManagerService < ApplicationService
+end

app/views/admin/donations/_form.html.erb

@@ -12,7 +12,7 @@
 
   <section class="sm:w-1/2 grid grid-cols-2 items-center gap-y-2">
     <%= form.label :user_id %>
-    <%= form.collection_select :user_id, User.where(ou: "kosmos.org").order(:cn), :id, :cn, {} %>
+    <%= form.collection_select :user_id, User.where(ou: Setting.primary_domain).order(:cn), :id, :cn, {} %>
 
     <%= form.label :amount_sats, "Amount BTC (sats)" %>
     <%= form.number_field :amount_sats %>

app/views/admin/settings/services/_discourse.html.erb

@@ -8,16 +8,15 @@
     description: "Discourse configuration present and features enabled"
   ) %>
 <% if Setting.discourse_enabled? %>
-  <%= render FormElements::FieldsetComponent.new(title: "Public URL") do %>
-    <%= f.text_field :discourse_public_url,
-      value: Setting.discourse_public_url,
-      class: "w-full", disabled: true %>
-  <% end %>
-  <%= render FormElements::FieldsetComponent.new(title: "Connect secret") do %>
-    <%= f.password_field :discourse_connect_secret,
-      value: Setting.discourse_connect_secret,
-      class: "w-full", disabled: true %>
-  <% end %>
+  <%= render FormElements::FieldsetResettableSettingComponent.new(
+        key: :discourse_public_url,
+        title: "Public URL"
+      ) %>
+  <%= render FormElements::FieldsetResettableSettingComponent.new(
+        key: :discourse_connect_secret,
+        type: :password,
+        title: "Connect secret"
+      ) %>
 <% end %>
 </ul>
 <% if Setting.discourse_enabled? %>
@@ -31,14 +30,14 @@
       <input type="text" class="grow" disabled="disabled"
              value="https://<%= Setting.accounts_domain %>/discourse/connect"
              data-clipboard-target="source" />
-      <button class="btn-md btn-icon btn-blue shrink-0"
+      <button class="btn-md btn-icon btn-outline shrink-0"
               data-clipboard-target="trigger" data-action="clipboard#copy"
               title="Copy to clipboard">
         <span class="content-initial">
-          <%= render partial: "icons/copy", locals: { custom_class: "text-white h-4 w-4 inline" } %>
+          <%= render partial: "icons/copy", locals: { custom_class: "text-blue-600 h-4 w-4 inline" } %>
         </span>
         <span class="content-active hidden">
-          <%= render partial: "icons/check", locals: { custom_class: "text-white h-4 w-4 inline" } %>
+          <%= render partial: "icons/check", locals: { custom_class: "text-blue-600 h-4 w-4 inline" } %>
         </span>
       </button>
     </li>

app/views/admin/settings/services/_droneci.html.erb

@@ -0,0 +1,16 @@
+<h3>Drone CI</h3>
+<ul role="list">
+  <%= render FormElements::FieldsetToggleComponent.new(
+    form: f,
+    attribute: :droneci_enabled,
+    enabled: Setting.droneci_enabled?,
+    title: "Enable Drone CI integration",
+    description: "Drone CI configuration present and features enabled"
+  ) %>
+  <% if Setting.droneci_enabled? %>
+    <%= render FormElements::FieldsetResettableSettingComponent.new(
+          key: :droneci_public_url,
+          title: "Public URL"
+        ) %>
+  <% end %>
+</ul>

app/views/admin/settings/services/_ejabberd.html.erb

@@ -8,16 +8,14 @@
     description: "ejabberd configuration present and features enabled"
   ) %>
 <% if Setting.ejabberd_enabled? %>
-  <%= render FormElements::FieldsetComponent.new(title: "API URL") do %>
-    <%= f.text_field :ejabberd_api_url,
-      value: Setting.ejabberd_api_url,
-      class: "w-full", disabled: true %>
-  <% end %>
-  <%= render FormElements::FieldsetComponent.new(title: "Admin URL") do %>
-    <%= f.text_field :ejabberd_admin_url,
-      value: Setting.ejabberd_admin_url,
-      class: "w-full", disabled: true %>
-  <% end %>
+  <%= render FormElements::FieldsetResettableSettingComponent.new(
+        key: :ejabberd_api_url,
+        title: "API URL"
+      ) %>
+  <%= render FormElements::FieldsetResettableSettingComponent.new(
+        key: :ejabberd_admin_url,
+        title: "Admin URL"
+      ) %>
 </ul>
 <h3 class="mt-10">User default settings</h3>
 <ul role="list">
@@ -37,12 +35,24 @@
     title: "Auto-join default rooms",
     description: "Automatically join above default rooms in chat clients"
   ) %>
-  <%= render FormElements::FieldsetComponent.new(
+  <%= render FormElements::FieldsetResettableSettingComponent.new(
+        key: :ejabberd_buddy_roster,
         title: "Contact roster name",
         description: "Used when exchanging contacts after signup from invitation"
+      ) %>
+</ul>
+<h3 class="mt-10">Notifications</h3>
+<ul role="list">
+  <%= render FormElements::FieldsetComponent.new(
+        title: "From address",
+        description: "Address (JID) of the account notifications are sent from",
+        resettable: Setting.get_field(:xmpp_notifications_from_address)[:default] != Setting.xmpp_notifications_from_address
       ) do %>
-    <%= f.text_field :ejabberd_buddy_roster,
-      value: Setting.ejabberd_buddy_roster,
+    <%= f.text_field :xmpp_notifications_from_address,
+      value: Setting.xmpp_notifications_from_address,
+      data: {
+        :'default-value' => Setting.get_field(:xmpp_notifications_from_address)[:default]
+      },
       class: "w-full" %>
   <% end %>
 <% end %>

app/views/admin/settings/services/_gitea.html.erb

@@ -8,10 +8,9 @@
     description: "Gitea configuration present and features enabled"
   ) %>
   <% if Setting.gitea_enabled? %>
-    <%= render FormElements::FieldsetComponent.new(title: "Public URL") do %>
-      <%= f.text_field :gitea_public_url,
-        value: Setting.gitea_public_url,
-        class: "w-full", disabled: true %>
-    <% end %>
+    <%= render FormElements::FieldsetResettableSettingComponent.new(
+          key: :gitea_public_url,
+          title: "Public URL"
+        ) %>
   <% end %>
 </ul>

app/views/admin/settings/services/_lndhub.html.erb

@@ -8,11 +8,10 @@
     description: "LNDHub configuration present and wallet features enabled"
   ) %>
   <% if Setting.lndhub_enabled? %>
-    <%= render FormElements::FieldsetComponent.new(title: "API URL") do %>
-      <%= f.text_field :lndhub_api_url,
-        value: Setting.lndhub_api_url,
-        class: "w-full", disabled: true %>
-    <% end %>
+    <%= render FormElements::FieldsetResettableSettingComponent.new(
+          key: :lndhub_api_url,
+          title: "API URL"
+        ) %>
   <% end %>
   <%= render FormElements::FieldsetToggleComponent.new(
     form: f,
@@ -29,10 +28,10 @@
     description: "Allow users to receive invoice-less payments to their Lightning Address"
   ) %>
   <% if Setting.lndhub_keysend_enabled? %>
-    <%= render FormElements::FieldsetComponent.new(title: "Public key", description: "The public key of the Lightning node used by LNDHub") do %>
-      <%= f.text_field :lndhub_public_key,
-        value: Setting.lndhub_public_key,
-        class: "w-full", disabled: true %>
-    <% end %>
+    <%= render FormElements::FieldsetResettableSettingComponent.new(
+          key: :lndhub_public_key,
+          title: "Public key",
+          description: "The public key of the Lightning node used by LNDHub"
+        ) %>
   <% end %>
 </ul>

app/views/admin/settings/services/_mastodon.html.erb

@@ -8,10 +8,13 @@
     description: "Mastodon configuration present and features enabled"
   ) %>
   <% if Setting.mastodon_enabled? %>
-    <%= render FormElements::FieldsetComponent.new(title: "Public URL") do %>
-      <%= f.text_field :mastodon_public_url,
-        value: Setting.mastodon_public_url,
-        class: "w-full", disabled: true %>
-    <% end %>
+    <%= render FormElements::FieldsetResettableSettingComponent.new(
+          key: :mastodon_public_url,
+          title: "Public URL"
+        ) %>
+    <%= render FormElements::FieldsetResettableSettingComponent.new(
+          key: :mastodon_address_domain,
+          title: "User address domain"
+        ) %>
   <% end %>
 </ul>

app/views/admin/settings/services/_mediawiki.html.erb

@@ -8,10 +8,9 @@
     description: "MediaWiki configuration present and features enabled"
   ) %>
   <% if Setting.mediawiki_enabled? %>
-    <%= render FormElements::FieldsetComponent.new(title: "Public URL") do %>
-      <%= f.text_field :mediawiki_public_url,
-        value: Setting.mediawiki_public_url,
-        class: "w-full", disabled: true %>
-    <% end %>
+    <%= render FormElements::FieldsetResettableSettingComponent.new(
+          key: :mediawiki_public_url,
+          title: "Public URL"
+        ) %>
   <% end %>
 </ul>

app/views/admin/settings/services/_remotestorage.html.erb

@@ -1,4 +1,5 @@
 <h3>RemoteStorage</h3>
+<p class="text-red-600 mb-8">Feature currently in development.</p>
 <ul role="list">
   <%= render FormElements::FieldsetToggleComponent.new(
     form: f,
@@ -8,10 +9,13 @@
     description: "RemoteStorage configuration present and features enabled"
   ) %>
   <% if Setting.remotestorage_enabled? %>
-    <%= render FormElements::FieldsetComponent.new(title: "Storage URL") do %>
-      <%= f.text_field :rs_storage_url,
-        value: Setting.rs_storage_url,
-        class: "w-full", disabled: true %>
-    <% end %>
+    <%= render FormElements::FieldsetResettableSettingComponent.new(
+          key: :rs_storage_url,
+          title: "Storage Base URL"
+        ) %>
+    <%= render FormElements::FieldsetResettableSettingComponent.new(
+          key: :rs_redis_url,
+          title: "Redis URL"
+        ) %>
   <% end %>
 </ul>

app/views/dashboard/index.html.erb

@@ -7,73 +7,85 @@
       services:
     </p>
     <div class="services grid grid-cols-1 sm:grid-cols-2 gap-4 sm:gap-6">
-      <div class="border border-gray-300 rounded-md hover:border-gray-400
-                  bg-cover bg-[center_top_-50px] bg-no-repeat
-                  bg-[url(/img/logos/icon_xmpp.svg)]">
-        <%= link_to "https://wiki.kosmos.org/Services:Chat",
-              class: "block h-full px-6 py-6 rounded-md" do %>
-          <h3 class="mb-3.5">Chat</h3>
-          <p class="text-gray-600">
-            Federated chat rooms and instant messaging
-          </p>
-        <% end %>
-      </div>
-      <div class="border border-gray-300 rounded-md hover:border-gray-400
-                  bg-[length:95%] bg-center bg-no-repeat
-                  bg-[url(/img/logos/icon_discourse.svg)]">
-        <%= link_to "https://community.kosmos.org",
-              class: "block h-full px-6 py-6 rounded-md" do %>
-          <h3 class="mb-3.5">Discourse</h3>
-          <p class="text-gray-600">
-            Kosmos community forums and user support/help site
-          </p>
-        <% end %>
-      </div>
-      <div class="border border-gray-300 rounded-md hover:border-gray-400
-                  bg-cover bg-[center_top_-20px] bg-no-repeat
-                  bg-[url(/img/logos/icon_mediawiki.svg)]">
-        <%= link_to "https://wiki.kosmos.org",
-              class: "block h-full px-6 py-6 rounded-md" do %>
-          <h3 class="mb-3.5">Wiki</h3>
-          <p class="text-gray-600">
-            Kosmos documentation and knowledge base
-          </p>
-        <% end %>
-      </div>
-      <div class="border border-gray-300 rounded-md hover:border-gray-400
-                  bg-cover bg-center sm:bg-[center_top_-140px] bg-no-repeat
-                  bg-[url(/img/logos/icon_lightning.svg)]">
-        <%= link_to services_lightning_index_path,
-              class: "block h-full px-6 py-6 rounded-md" do %>
-          <h3 class="mb-3.5">Lightning Network</h3>
-          <p class="text-gray-600">
-            Send and receive sats over the Bitcoin Lightning Network
-          </p>
-        <% end %>
-      </div>
-      <div class="border border-gray-300 rounded-md hover:border-gray-400
-                  bg-cover bg-center bg-no-repeat
-                  bg-[url(/img/logos/icon_gitea.png)]">
-        <%= link_to "https://gitea.kosmos.org",
-              class: "block h-full px-6 py-6 rounded-md" do %>
-          <h3 class="mb-3.5">Gitea</h3>
-          <p class="text-gray-600">
-            Code hosting and collaboration for software projects
-          </p>
-        <% end %>
-      </div>
-      <div class="border border-gray-300 rounded-md hover:border-gray-400
-                  bg-cover bg-[center_top_-70px] bg-no-repeat
-                  bg-[url(/img/logos/icon_droneci.svg)]">
-        <%= link_to "https://drone.kosmos.org",
-              class: "block h-full px-6 py-6 rounded-md" do %>
-          <h3 class="mb-3.5">Drone CI</h3>
-          <p class="text-gray-600">
-            Continuous integration for software projects on Gitea
-          </p>
-        <% end %>
-      </div>
-      <% if Setting.remotestorage_enabled? && Flipper.enabled?(:remotestorage, current_user) %>
+      <% if Setting.ejabberd_enabled? %>
+        <div class="border border-gray-300 rounded-md hover:border-gray-400
+                    bg-cover bg-[center_top_-50px] bg-no-repeat
+                    bg-[url(/img/logos/icon_xmpp.svg)]">
+          <%= link_to services_chat_path,
+                class: "block h-full px-6 py-6 rounded-md" do %>
+            <h3 class="mb-3.5">Chat</h3>
+            <p class="text-gray-600">
+              Federated chat rooms and instant messaging
+            </p>
+          <% end %>
+        </div>
+      <% end %>
+      <% if Setting.mastodon_enabled? %>
+        <div class="border border-gray-300 rounded-md hover:border-gray-400
+                    bg-[length:80%] bg-[right_top_-30px] bg-no-repeat
+                    bg-[url(/img/logos/icon_mastodon.svg)]">
+          <%= link_to services_mastodon_path, class: "block h-full px-6 py-6 rounded-md" do %>
+            <h3 class="mb-3.5">Mastodon</h3>
+            <p class="text-gray-600">
+              Your account on the Open Social Web
+            </p>
+          <% end %>
+        </div>
+      <% end %>
+      <% if Setting.discourse_enabled? %>
+        <div class="border border-gray-300 rounded-md hover:border-gray-400
+                    bg-[length:95%] bg-center bg-no-repeat
+                    bg-[url(/img/logos/icon_discourse.svg)]">
+          <%= link_to "#{Setting.discourse_public_url}/session/sso?return_path=/",
+                class: "block h-full px-6 py-6 rounded-md" do %>
+            <h3 class="mb-3.5">Discourse</h3>
+            <p class="text-gray-600">
+              Kosmos community forums and user support/help site
+            </p>
+          <% end %>
+        </div>
+      <% end %>
+      <% if Setting.lndhub_enabled? %>
+        <div class="border border-gray-300 rounded-md hover:border-gray-400
+                    bg-cover bg-center sm:bg-[center_top_-140px] bg-no-repeat
+                    bg-[url(/img/logos/icon_lightning.svg)]">
+          <%= link_to services_lightning_index_path,
+                class: "block h-full px-6 py-6 rounded-md" do %>
+            <h3 class="mb-3.5">Lightning Network</h3>
+            <p class="text-gray-600">
+              Send and receive sats over the Bitcoin Lightning Network
+            </p>
+          <% end %>
+        </div>
+      <% end %>
+      <% if Setting.gitea_enabled? %>
+        <div class="border border-gray-300 rounded-md hover:border-gray-400
+                    bg-cover bg-center bg-no-repeat
+                    bg-[url(/img/logos/icon_gitea.png)]">
+          <%= link_to Setting.gitea_public_url,
+                class: "block h-full px-6 py-6 rounded-md" do %>
+            <h3 class="mb-3.5">Gitea</h3>
+            <p class="text-gray-600">
+              Code hosting and collaboration for software projects
+            </p>
+          <% end %>
+        </div>
+      <% end %>
+      <% if Setting.droneci_enabled? %>
+        <div class="border border-gray-300 rounded-md hover:border-gray-400
+                    bg-cover bg-[center_top_-70px] bg-no-repeat
+                    bg-[url(/img/logos/icon_droneci.svg)]">
+          <%= link_to Setting.droneci_public_url,
+                class: "block h-full px-6 py-6 rounded-md" do %>
+            <h3 class="mb-3.5">Drone CI</h3>
+            <p class="text-gray-600">
+              Continuous integration for software projects on Gitea
+            </p>
+          <% end %>
+        </div>
+      <% end %>
+      <% if Setting.remotestorage_enabled? &&
+            Flipper.enabled?(:remotestorage, current_user) %>
         <div class="border border-gray-300 rounded-md hover:border-gray-400">
           <%= link_to services_storage_path,
                 class: "block h-full px-6 py-6 rounded-md" do %>
@@ -84,16 +96,19 @@
           <% end %>
         </div>
       <% end %>
-      <!-- <div class="border border&#45;gray&#45;300 rounded&#45;md hover:border&#45;gray&#45;400 -->
-      <!--             bg&#45;[length:80%] bg&#45;[right_top_&#45;30px] bg&#45;no&#45;repeat -->
-      <!--             bg&#45;[url(/img/logos/icon_mastodon.svg)]"> -->
-      <!--   <%= link_to "https://kosmos.social", class: "block h&#45;full px&#45;6 py&#45;6 rounded&#45;md" do %> -->
-      <!--     <h3 class="mb&#45;3.5">Mastodon</h3> -->
-      <!--     <p class="text&#45;gray&#45;400"> -->
-      <!--       Your account on the Open Social Web -->
-      <!--     </p> -->
-      <!--   <% end %> -->
-      <!-- </div> -->
+      <% if Setting.mediawiki_enabled? %>
+        <div class="border border-gray-300 rounded-md hover:border-gray-400
+                    bg-cover bg-[center_top_-20px] bg-no-repeat
+                    bg-[url(/img/logos/icon_mediawiki.svg)]">
+          <%= link_to Setting.mediawiki_public_url,
+                class: "block h-full px-6 py-6 rounded-md" do %>
+            <h3 class="mb-3.5">Wiki</h3>
+            <p class="text-gray-600">
+              Kosmos documentation and knowledge base
+            </p>
+          <% end %>
+        </div>
+      <% end %>
     </div>
   </section>
 <% end %>

app/views/devise/passwords/new.html.erb

@@ -10,7 +10,7 @@
       <p class="flex gap-2 items-center">
         <%= f.text_field :cn, autofocus: true, autocomplete: "username",
                               required: true, class: "relative grow"%>
-        <span class="relative shrink-0 text-gray-500">@ kosmos.org</span>
+        <span class="relative shrink-0 text-gray-500">@ <%= Setting.primary_domain %></span>
       </p>
     </div>
     <p>

app/views/devise/sessions/new.html.erb

@@ -1,6 +1,6 @@
 <%
   # TODO remove when https://github.com/hotwired/turbo/issues/203 is fixed
-  enable_turbo = !session[:user_return_to].match?('/discourse/connect')
+  enable_turbo = !session[:user_return_to] || !session[:user_return_to].match?('/discourse/connect')
 %>
 
 <%= render HeaderCompactComponent.new(title: "Log in") %>
@@ -12,15 +12,17 @@
     <div class="mb-6">
       <%= f.label :cn, 'User', class: 'block mb-2 font-bold' %>
       <p class="flex gap-2 items-center">
-        <%= f.text_field :cn, autofocus: true, autocomplete: "username",
+        <%= f.text_field :cn, value: h(params[:cn]),
+              autofocus: params[:cn].blank?, autocomplete: "username",
               required: true, class: "relative grow", tabindex: "1" %>
-        <span class="relative shrink-0 text-gray-500">@ kosmos.org</span>
+        <span class="relative shrink-0 text-gray-500">@ <%= Setting.primary_domain %></span>
       </p>
     </div>
     <p class="mb-8">
       <%= f.label :password, class: 'block mb-2 font-bold' %>
       <%= f.password_field :password, autocomplete: "current-password",
-            required: true, class: "w-full", tabindex: "2" %>
+            autofocus: params[:cn].present?, required: true,
+            class: "w-full", tabindex: "2" %>
     </p>
 
     <%= tag.div class: "flex items-center mb-8 gap-x-3", data: {

app/views/icons/_alert-triangle.html.erb

@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-alert-triangle"><path d="M10.29 3.86L1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0z"></path><line x1="12" y1="9" x2="12" y2="13"></line><line x1="12" y1="17" x2="12.01" y2="17"></line></svg>
+<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-alert-triangle <%= custom_class %>"><path d="M10.29 3.86L1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0z"></path><line x1="12" y1="9" x2="12" y2="13"></line><line x1="12" y1="17" x2="12.01" y2="17"></line></svg>

app/views/icons/_asterisk.html.erb

@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 512 512" fill="currentColor" stroke="currentColor" stroke-width="2" class="<%= custom_class %>"><path d="M475.31 364.144L288 256l187.31-108.144c5.74-3.314 7.706-10.653 4.392-16.392l-4-6.928c-3.314-5.74-10.653-7.706-16.392-4.392L272 228.287V12c0-6.627-5.373-12-12-12h-8c-6.627 0-12 5.373-12 12v216.287L52.69 120.144c-5.74-3.314-13.079-1.347-16.392 4.392l-4 6.928c-3.314 5.74-1.347 13.079 4.392 16.392L224 256 36.69 364.144c-5.74 3.314-7.706 10.653-4.392 16.392l4 6.928c3.314 5.74 10.653 7.706 16.392 4.392L240 283.713V500c0 6.627 5.373 12 12 12h8c6.627 0 12-5.373 12-12V283.713l187.31 108.143c5.74 3.314 13.079 1.347 16.392-4.392l4-6.928c3.314-5.74 1.347-13.079-4.392-16.392z"/></svg>

app/views/icons/_folder.html.erb

@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-folder"><path d="M22 19a2 2 0 0 1-2 2H4a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2h5l2 3h9a2 2 0 0 1 2 2z"></path></svg>
+<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-folder <%= custom_class %>"><path d="M22 19a2 2 0 0 1-2 2H4a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2h5l2 3h9a2 2 0 0 1 2 2z"></path></svg>

app/views/icons/_qr_code.html.erb

@@ -0,0 +1,11 @@
+<svg class="icon-qr-code <%= custom_class %>" fill="currentColor" width="90" height="90" version="1.1" viewBox="0 0 90 90" xmlns="http://www.w3.org/2000/svg">
+  <path id="path2" d="m22.014 22.612c0-2.5389 2.0586-4.5976 4.5976-4.5976h9.1937c2.539 0 4.5976 2.0587 4.5976 4.5976v6.1937c0 2.539-2.0586 4.5976-4.5976 4.5976h-9.1937c-2.539 0-4.5976-2.0586-4.5976-4.5976z"/>
+  <path id="path4" d="m22.014 61.598c0-2.539 2.0586-4.5976 4.5976-4.5976h9.1937c2.539 0 4.5976 2.0586 4.5976 4.5976v6.1937c0 2.539-2.0586 4.5976-4.5976 4.5976h-9.1937c-2.539 0-4.5976-2.0586-4.5976-4.5976z"/>
+  <path id="path6" d="m50 22.612c0-2.5389 2.0586-4.5976 4.5976-4.5976h9.1937c2.539 0 4.5976 2.0587 4.5976 4.5976v6.1937c0 2.539-2.0586 4.5976-4.5976 4.5976h-9.1937c-2.539 0-4.5976-2.0586-4.5976-4.5976z"/>
+  <path id="path8" d="m50 61.598c0-2.539 2.0586-4.5976 4.5976-4.5976h9.1937c2.539 0 4.5976 2.0586 4.5976 4.5976v6.1937c0 2.539-2.0586 4.5976-4.5976 4.5976h-9.1937c-2.539 0-4.5976-2.0586-4.5976-4.5976z"/>
+  <path id="path10" d="m8.85 45c0-1.7397 1.4103-3.15 3.15-3.15h66.5c1.7397 0 3.15 1.4103 3.15 3.15s-1.4103 3.15-3.15 3.15h-66.5c-1.7397 0-3.15-1.4103-3.15-3.15z" clip-rule="evenodd" fill-rule="evenodd"/>
+  <path id="path12" d="m11.566 0c-6.3876 0-11.566 5.1782-11.566 11.566v14.627c0 1.7713 1.4359 3.2073 3.2072 3.2073s3.2072-1.436 3.2072-3.2073v-14.627c0-2.845 2.3064-5.1514 5.1514-5.1514h14.627c1.7713 0 3.2073-1.4359 3.2073-3.2072s-1.436-3.2072-3.2073-3.2072z" clip-rule="evenodd" fill-rule="evenodd"/>
+  <path id="path14" d="m11.566 90c-6.3876 0-11.566-5.1782-11.566-11.566v-14.628c0-1.7713 1.4359-3.2072 3.2072-3.2072s3.2072 1.4359 3.2072 3.2072v14.628c0 2.845 2.3064 5.1513 5.1514 5.1513h14.627c1.7713 0 3.2073 1.436 3.2073 3.2073 0 1.7712-1.436 3.2072-3.2073 3.2072z" clip-rule="evenodd" fill-rule="evenodd"/>
+  <path id="path16" d="m78.434 0c6.3876 0 11.566 5.1782 11.566 11.566v14.627c0 1.7713-1.4359 3.2073-3.2072 3.2073s-3.2072-1.436-3.2072-3.2073v-14.627c0-2.845-2.3064-5.1514-5.1514-5.1514h-14.627c-1.7713 0-3.2073-1.4359-3.2073-3.2072s1.436-3.2072 3.2073-3.2072z" clip-rule="evenodd" fill-rule="evenodd"/>
+  <path id="path18" d="m78.434 90c6.3876 0 11.566-5.1782 11.566-11.566v-14.628c0-1.7713-1.4359-3.2072-3.2072-3.2072s-3.2072 1.4359-3.2072 3.2072v14.628c0 2.845-2.3064 5.1513-5.1514 5.1513h-14.627c-1.7713 0-3.2073 1.436-3.2073 3.2073 0 1.7712 1.436 3.2072 3.2073 3.2072z" clip-rule="evenodd" fill-rule="evenodd"/>
+</svg>

app/views/icons/_science.html.erb

@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" height="48" viewBox="0 96 960 960" width="48" class="material-science <%= custom_class %>" fill="currentColor"><path d="M172 936q-41.777 0-59.388-39Q95 858 124 826l248-280V276h-52q-12.75 0-21.375-8.675-8.625-8.676-8.625-21.5 0-12.825 8.625-21.325T320 216h320q12.75 0 21.375 8.675 8.625 8.676 8.625 21.5 0 12.825-8.625 21.325T640 276h-52v270l248 280q29 32 11.388 71-17.611 39-59.388 39H172Zm-12-60h640L528 568V276h-96v292L160 876Zm318-300Z"/></svg>

app/views/invitations/index.html.erb

@@ -8,20 +8,27 @@
       </p>
       <ul class="md:w-3/4">
         <% @invitations_unused.each do |invitation| %>
-          <li class="font-mono mb-2 flex gap-1" data-controller="clipboard">
-            <input type="text" disabled class="relative grow"
+          <li class="mb-3 flex gap-1"
+              data-controller="clipboard modal"
+              data-action="keydown.esc->modal#close">
+            <input type="text" disabled class="relative grow font-mono"
                    value="<%= invitation_url(invitation.token) %>"
                    data-clipboard-target="source" />
-            <button id="copy-user-address" class="btn-md btn-icon btn-blue shrink-0 w-auto"
+            <button class="btn-md btn-icon btn-outline shrink-0 w-auto"
                     data-clipboard-target="trigger" data-action="clipboard#copy"
                     title="Copy to clipboard">
               <span class="content-initial">
-                <%= render partial: "icons/copy", locals: { custom_class: "text-white h-4 w-4 inline" } %>
+                <%= render partial: "icons/copy", locals: { custom_class: "text-blue-600 h-4 w-4 inline" } %>
               </span>
               <span class="content-active hidden">
-                <%= render partial: "icons/check", locals: { custom_class: "text-white h-4 w-4 inline" } %>
+                <%= render partial: "icons/check", locals: { custom_class: "text-blue-600 h-4 w-4 inline" } %>
               </span>
             </button>
+            <button class="btn-md btn-icon btn-outline shrink-0 w-auto"
+                    data-action="click->modal#open" title="Show QR code">
+                <%= render partial: "icons/qr_code", locals: { custom_class: "text-blue-600 h-4 w-4 inline" } %>
+            </button>
+            <%= render QrCodeModalComponent.new(qr_content: invitation_url(invitation.token)) %>
           </li>
         <% end %>
       </ul>

app/views/rs/oauth/new.html.erb

@@ -0,0 +1,58 @@
+<%= render HeaderCompactComponent.new(title: "Storage") %>
+
+<%= render MainCompactComponent.new do %>
+  <section class="permissions">
+    <p class="mb-8">
+      The app on
+      <%= link_to @client_id, "https://#{@client_id}", class: "ks-text-link" %>
+      is asking for access to these folders:
+    </p>
+
+    <% if @root_access_requested %>
+    <p class="scope text-lg">
+      <span class="text-red-700">
+        <%= render partial: "icons/alert-triangle",
+              locals: { custom_class: "inline-block align-bottom mr-1.5" } %>
+        All files and directories
+      </span>
+      <% if (@scopes & [":r"]).any? %>
+        <span class="text-sm text-gray-500">(read only)</span>
+      <% end %>
+    </p>
+    <% else %>
+      <% @scopes.each do |scope| %>
+      <p class="scope text-gray-600">
+        <span class="text-lg">
+          <%= render partial: "icons/folder",
+            locals: { custom_class: "inline-block align-bottom mr-1.5" } %>
+          <%= scope_name(scope) %>
+        </span>
+        <% if scope_permissions(scope) == "r" %>
+          <span>(read only)</span>
+        <% end %>
+      </p>
+      <% end %>
+    <% end %>
+
+    <%= form_with(url: rs_oauth_path, method: :post, data: { turbo: false }) do |f| %>
+      <%= f.hidden_field :redirect_uri, value: @redirect_uri %>
+      <%= f.hidden_field :scope, value: @scopes.join(" ") %>
+      <%= f.hidden_field :user_id, value: @user.id %>
+      <%= f.hidden_field :client_id, value: @client_id %>
+      <%= f.hidden_field :state, value: @state %>
+      <p class="mt-8 mb-6">
+        <%= f.label :expire_at, "Permission expires:", class: "mr-1.5" %>
+        <%= f.select :expire_at, options_for_select(@expire_at_dates) %>
+      </p>
+      <p class="text-sm text-gray-500">
+        You can revoke access for this app at any time on your storage dashboard.
+      </p>
+      <p class="mt-8 flex flex-col sm:flex-row gap-3 sm:gap-2 sm:justify-items-stretch">
+        <%= f.submit "Allow",
+              class: "btn-md btn-blue w-full sm:order-last sm:grow",
+              data: { disable_with: "Saving..." } %>
+        <%= link_to "Deny", @denial_url, class: "btn-md btn-gray text-red-700 w-full sm:grow" %>
+      </div>
+    <% end %>
+  </section>
+<% end %>

app/views/services/chat/show.html.erb

@@ -0,0 +1,199 @@
+<%= render HeaderComponent.new(title: "Chat") %>
+
+<%= render MainSimpleComponent.new do %>
+  <section>
+    <p class="mb-6">
+      Chat with anyone on the open Jabber (XMPP) network. Message people directly, or
+      join public channels or private rooms.
+    </p>
+  </section>
+  <section data-controller="modal" data-action="keydown.esc->modal#close">
+    <h3>Your Chat Address</h3>
+    <p class="mb-6">
+      When you exchange contacts with people, give them your
+      address, or add them using their address:
+    </p>
+    <p data-controller="clipboard" class="flex gap-1 sm:w-2/5">
+      <input type="text" id="user_address" class="grow"
+             value=<%= current_user.address %> disabled="disabled"
+             data-clipboard-target="source" />
+      <button id="copy-user-address" class="btn-md btn-icon btn-outline shrink-0"
+              data-clipboard-target="trigger" data-action="clipboard#copy"
+              title="Copy to clipboard">
+        <span class="content-initial">
+          <%= render partial: "icons/copy", locals: { custom_class: "text-blue-600 h-4 w-4 inline" } %>
+        </span>
+        <span class="content-active hidden">
+          <%= render partial: "icons/check", locals: { custom_class: "text-blue-600 h-4 w-4 inline" } %>
+        </span>
+      </button>
+      <button class="btn-md btn-icon btn-outline shrink-0 w-auto"
+              data-action="click->modal#open" title="Show QR code">
+          <%= render partial: "icons/qr_code", locals: { custom_class: "text-blue-600 h-4 w-4 inline" } %>
+      </button>
+    </p>
+    <%= render QrCodeModalComponent.new(qr_content: "xmpp:"+current_user.address) %>
+  </section>
+  <section>
+    <h3>Chat Apps</h3>
+    <p>
+      Use your account with many different apps, and on any devices you wish!
+      When opening an app for the first time, just enter your user address and
+      password to log in.
+    </p>
+  </section>
+  <section>
+    <h3>Recommended Apps</h3>
+    <div data-controller="tabs"
+         data-tabs-active-tab-class="-mb-px border-gray-200 border-l border-t border-r rounded-t text-indigo-600 hover:text-indigo-600"
+         data-tabs-inactive-tab-class="text-gray-500 hover:text-gray-700"
+         class="mb-12">
+      <select data-action="tabs#change" data-tabs-target="select"
+              class="block w-full mb-8 sm:hidden">
+        <optgroup label="Mobile">
+          <option>Android</option>
+          <option>iOS</option>
+        </optgroup>
+        <optgroup label="Desktop">
+          <option>Linux</option>
+          <option>Windows</option>
+          <option>macOS</option>
+        </optgroup>
+      </select>
+      <ul class="hidden sm:flex list-reset mb-8 border-gray-200 border-b">
+        <li class="mr-2" data-tabs-target="tab" data-action="click->tabs#change:prevent">
+          <a href="#" class="bg-white inline-block py-2 px-4 font-semibold no-underline">
+            Android
+          </a>
+        </li>
+        <li class="mr-2" data-tabs-target="tab" data-action="click->tabs#change:prevent">
+          <a href="#" class="bg-white inline-block py-2 px-4 font-semibold no-underline">
+            iOS
+          </a>
+        </li>
+        <li class="mr-2" data-tabs-target="tab" data-action="click->tabs#change:prevent">
+          <a href="#" class="bg-white inline-block py-2 px-4 font-semibold no-underline">
+            Linux
+          </a>
+        </li>
+        <li class="mr-2" data-tabs-target="tab" data-action="click->tabs#change:prevent">
+          <a href="#" class="bg-white inline-block py-2 px-4 font-semibold no-underline">
+            Windows
+          </a>
+        </li>
+        <li class="mr-2" data-tabs-target="tab" data-action="click->tabs#change:prevent">
+          <a href="#" class="bg-white inline-block py-2 px-4 font-semibold no-underline">
+            macOS
+          </a>
+        </li>
+        <!-- <li class="mr&#45;2" data&#45;tabs&#45;target="tab" data&#45;action="click&#45;>tabs#change"> -->
+        <!--   <a href="#" class="bg&#45;white inline&#45;block py&#45;2 px&#45;4 font&#45;semibold no&#45;underline"> -->
+        <!--     Web -->
+        <!--   </a> -->
+        <!-- </li> -->
+      </ul>
+
+      <div id="apps-android" class="hidden grid grid-cols-1 gap-6"
+           data-tabs-target="panel">
+        <%= render AppInfoComponent.new(
+          name: "Conversations",
+          description: "The gold standard for Jabber on mobile devices",
+          icon_path: "/img/logos/icon_conversations.png",
+          links: [
+            ["Website", "https://conversations.im"],
+            ["Google Play", "https://play.google.com/store/apps/details?id=eu.siacs.conversations"],
+            ["F-Droid", "https://f-droid.org/en/packages/eu.siacs.conversations/"],
+          ]
+        ) %>
+      </div>
+      <div id="apps-ios" class="hidden grid grid-cols-1 gap-6"
+           data-tabs-target="panel">
+        <%= render AppInfoComponent.new(
+          name: "Siskin IM",
+          description: "Lightweight and powerful chat app for iPhone and iPad",
+          icon_path: "/img/logos/logo_siskin.png",
+          links: [
+            ["Website", "https://siskin.im"],
+            ["App Store", "https://apps.apple.com/us/app/tigase-messenger/id1153516838"]
+          ]
+        ) %>
+        <%= render AppInfoComponent.new(
+          name: "Monal",
+          description: "A chat app for iOS, iPadOS, and macOS",
+          icon_path: "/img/logos/icon_monal.svg",
+          icon_fill_box: true,
+          links: [
+            ["Website", "https://monal-im.org"],
+            ["App Store", "https://apps.apple.com/app/id317711500"]
+          ]
+        ) %>
+      </div>
+      <div id="apps-linux" class="hidden grid grid-cols-1 gap-6"
+           data-tabs-target="panel">
+        <%= render AppInfoComponent.new(
+          name: "Dino",
+          description: "A modern and simple chat app for Linux (good for GNOME)",
+          icon_path: "/img/logos/icon_dino.svg",
+          links: [
+            ["Website", "https://dino.im"],
+            ["Install from package", "https://github.com/dino/dino/wiki/Distribution-Packages"]
+          ]
+        ) %>
+        <%= render AppInfoComponent.new(
+          name: "Kaidan",
+          description: "A fairly new, user-friendly chat app for all devices (good for KDE)",
+          icon_path: "/img/logos/icon_kaidan.svg",
+          links: [
+            ["Website", "https://kaidan.im"],
+          ]
+        ) %>
+        <%= render AppInfoComponent.new(
+          name: "Gajim",
+          description: "A fully-featured chat app for Linux and Windows",
+          icon_path: "/img/logos/icon_gajim.png",
+          links: [
+            ["Website", "https://gajim.org/"]
+          ]
+        ) %>
+      </div>
+      <div id="apps-windows" class="hidden grid grid-cols-1 gap-6"
+           data-tabs-target="panel">
+        <%= render AppInfoComponent.new(
+          name: "Gajim",
+          description: "A fully-featured chat app for Linux and Windows",
+          icon_path: "/img/logos/icon_gajim.png",
+          links: [
+            ["Website", "https://gajim.org/"],
+            ["Microsoft Store", "https://apps.microsoft.com/store/detail/9PGGF6HD43F9?launch=true&mode=mini"],
+            ["Download options", "https://gajim.org/download/"]
+          ]
+        ) %>
+      </div>
+      <div id="apps-mac" class="hidden grid grid-cols-1 gap-6"
+           data-tabs-target="panel">
+        <%= render AppInfoComponent.new(
+          name: "Beagle IM",
+          description: "Lightweight and powerful chat app for macOS",
+          icon_path: "/img/logos/logo_beagle.png",
+          links: [
+            ["Website", "https://beagle.im"],
+            ["App Store", "https://apps.apple.com/us/app/beagleim-by-tigase-inc/id1445349494"]
+          ]
+        ) %>
+        <%= render AppInfoComponent.new(
+          name: "Monal",
+          description: "A chat app for iOS, iPadOS, and macOS",
+          icon_path: "/img/logos/icon_monal.svg",
+          icon_fill_box: true,
+          links: [
+            ["Website", "https://monal-im.org"],
+            ["App Store", "https://apps.apple.com/app/id1637078500"]
+          ]
+        ) %>
+      </div>
+      <!-- <div class="hidden grid grid&#45;cols&#45;1 gap&#45;4 sm:gap&#45;6" data&#45;tabs&#45;target="panel"> -->
+      <!--   Web -->
+      <!-- </div> -->
+    </div>
+  </section>
+<% end %>

app/views/services/lightning/index.html.erb

@@ -7,17 +7,29 @@
 
   <section>
     <h3>Lightning Address</h3>
-    <p>
+    <p class="mb-6">
       Your Kosmos user address is also a
       <a class="ks-text-link" href="https://lightningaddress.com/" target="_blank">Lightning Address</a>!
       The easiest way to receive sats is by just giving out your address:
     </p>
-    <p>
-      <strong><%= current_user.address %></strong>
+    <p data-controller="clipboard" class="flex gap-1 sm:w-2/5">
+      <input type="text" id="user_address" class="grow"
+             value=<%= current_user.address %> disabled="disabled"
+             data-clipboard-target="source" />
+      <button id="copy-user-address" class="btn-md btn-icon btn-outline shrink-0"
+              data-clipboard-target="trigger" data-action="clipboard#copy"
+              title="Copy to clipboard">
+        <span class="content-initial">
+          <%= render partial: "icons/copy", locals: { custom_class: "text-blue-600 h-4 w-4 inline" } %>
+        </span>
+        <span class="content-active hidden">
+          <%= render partial: "icons/check", locals: { custom_class: "text-blue-600 h-4 w-4 inline" } %>
+        </span>
+      </button>
     </p>
   </section>
 
-  <section>
+  <section data-controller="modal" data-action="keydown.esc->modal#close">
     <h3>Wallet Apps</h3>
     <p>
       You can connect various wallet apps to your Kosmos account. This allows
@@ -28,19 +40,16 @@
     </p>
     <p data-controller="clipboard" class="my-6 text-center md:text-left">
       <input type="text" disabled class="hidden" aria-hidden=true
-             value="<%= @wallet_url%>" data-clipboard-target="source" />
+             value="<%= @wallet_setup_url %>" data-clipboard-target="source" />
       <button id="copy-setup-code" class="btn-md btn-blue w-full sm:w-auto"
               data-action="clipboard#copy" data-clipboard-target="trigger">
         <span class="content-initial">Copy setup code/URL</span>
         <span class="content-active hidden">Copied ✔</span>
       </button>
       <span class="mx-2 my-2 md:my-0 block md:inline">or</span>
-      <button id="show-setup-code" class="btn-md btn-blue w-full sm:w-auto">Show setup QR code</button>
-      <button id="hide-setup-code" class="hidden btn-md btn-blue w-full sm:w-auto">Hide setup QR code</button>
-    </p>
-    <p id="setup-code" class="hidden my-10 w-full text-center">
-      <%= raw @svg %>
+      <button data-action="click->modal#open" class="btn-md btn-blue w-full sm:w-auto">Show setup QR code</button>
     </p>
+    <%= render QrCodeModalComponent.new(qr_content: @wallet_setup_url) %>
   </section>
 
   <section>
@@ -88,28 +97,22 @@
       </p>
     </div>
   </section>
+
+  <section class="mb-12">
+    <h3>QR Code for Donations/Tips</h3>
+    <p>
+      You can print out or publish a QR code for people to scan with their
+      wallet apps, so they can send you sats without a direct personal
+      interaction (for example at a concert, or on your website).
+    </p>
+    <p class="my-6 text-center md:text-left">
+      <%= link_to "Download SVG file",
+                  qr_lnurlp_services_lightning_index_path(format: "svg"),
+                  class: "btn-md btn-blue w-full sm:w-auto"%>
+      <span class="mx-2 my-2 md:my-0 block md:inline">or</span>
+      <%= link_to "Download PNG file",
+                  qr_lnurlp_services_lightning_index_path(format: "png"),
+                  class: "btn-md btn-blue w-full sm:w-auto"%>
+    </p>
+  </section>
 <% end %>
-
-<script type="text/javascript">
-  (function () {
-    const buttonShow = document.querySelector('#show-setup-code');
-    const buttonHide = document.querySelector('#hide-setup-code');
-    const setupCode = document.querySelector('#setup-code');
-
-    buttonShow.addEventListener('click', function(ev) {
-      ev.preventDefault();
-      setupCode.classList.remove('hidden');
-      buttonHide.classList.remove('hidden');
-      buttonShow.classList.add('hidden');
-      setupCode.scrollIntoView({behavior: "smooth", block: "nearest"});
-    });
-
-    buttonHide.addEventListener('click', function(ev) {
-      ev.preventDefault();
-      const el = document.querySelector('#setup-code');
-      setupCode.classList.add('hidden');
-      buttonHide.classList.add('hidden');
-      buttonShow.classList.remove('hidden');
-    });
-  })();
-</script>

app/views/services/mastodon/show.html.erb

@@ -0,0 +1,219 @@
+<%= render HeaderComponent.new(title: "Social") %>
+
+<%= render MainSimpleComponent.new do %>
+  <section>
+    <p class="mb-6">
+      Follow and interact with anyone on the open social web, from your Kosmos Mastodon account.
+    </p>
+  </section>
+  <section data-controller="modal" data-action="keydown.esc->modal#close">
+    <h3>Your User Address</h3>
+    <p class="mb-6">
+      Others can follow you under this address:
+    </p>
+    <p data-controller="clipboard" class="flex gap-1 sm:w-2/5">
+      <input type="text" id="user_address" class="grow"
+             value=<%= current_user.mastodon_address %> disabled="disabled"
+             data-clipboard-target="source" />
+      <button id="copy-user-address" class="btn-md btn-icon btn-outline shrink-0"
+              data-clipboard-target="trigger" data-action="clipboard#copy"
+              title="Copy to clipboard">
+        <span class="content-initial">
+          <%= render partial: "icons/copy", locals: { custom_class: "text-blue-600 h-4 w-4 inline" } %>
+        </span>
+        <span class="content-active hidden">
+          <%= render partial: "icons/check", locals: { custom_class: "text-blue-600 h-4 w-4 inline" } %>
+        </span>
+      </button>
+      <button class="btn-md btn-icon btn-outline shrink-0 w-auto"
+              data-action="click->modal#open" title="Show QR code">
+          <%= render partial: "icons/qr_code", locals: { custom_class: "text-blue-600 h-4 w-4 inline" } %>
+      </button>
+    </p>
+    <%= render QrCodeModalComponent.new(qr_content: current_user.address) %>
+  </section>
+  <section>
+    <h3>Social Apps</h3>
+    <p>
+      Use your Mastodon account with many different apps, and on any devices
+      you wish! When adding your account to an app, you will log in via
+      <a href="https://kosmos.social" target="_blank" class="ks-text-link">kosmos.social</a>.
+    </p>
+  </section>
+  <section>
+    <h3>Recommended Apps</h3>
+    <div data-controller="tabs"
+         data-tabs-active-tab-class="-mb-px border-gray-200 border-l border-t border-r rounded-t text-indigo-600 hover:text-indigo-600"
+         data-tabs-inactive-tab-class="text-gray-500 hover:text-gray-700"
+         class="mb-12">
+      <select data-action="tabs#change" data-tabs-target="select"
+              class="block w-full mb-8 sm:hidden">
+        <option>Web</option>
+        <optgroup label="Mobile">
+          <option>Android</option>
+          <option>iOS</option>
+        </optgroup>
+        <optgroup label="Desktop">
+          <option>Linux</option>
+          <option>Windows</option>
+          <option>macOS</option>
+        </optgroup>
+      </select>
+      <ul class="hidden sm:flex list-reset mb-8 border-gray-200 border-b">
+        <li class="mr-2" data-tabs-target="tab" data-action="click->tabs#change:prevent">
+          <a href="#" class="bg-white inline-block py-2 px-4 font-semibold no-underline">
+            Web
+          </a>
+        </li>
+        <li class="mr-2" data-tabs-target="tab" data-action="click->tabs#change:prevent">
+          <a href="#" class="bg-white inline-block py-2 px-5 font-semibold no-underline">
+            Android
+          </a>
+        </li>
+        <li class="mr-2" data-tabs-target="tab" data-action="click->tabs#change:prevent">
+          <a href="#" class="bg-white inline-block py-2 px-4 font-semibold no-underline">
+            iOS
+          </a>
+        </li>
+        <li class="mr-2" data-tabs-target="tab" data-action="click->tabs#change:prevent">
+          <a href="#" class="bg-white inline-block py-2 px-4 font-semibold no-underline">
+            Linux
+          </a>
+        </li>
+        <li class="mr-2" data-tabs-target="tab" data-action="click->tabs#change:prevent">
+          <a href="#" class="bg-white inline-block py-2 px-4 font-semibold no-underline">
+            Windows
+          </a>
+        </li>
+        <li class="mr-2" data-tabs-target="tab" data-action="click->tabs#change:prevent">
+          <a href="#" class="bg-white inline-block py-2 px-4 font-semibold no-underline">
+            macOS
+          </a>
+        </li>
+      </ul>
+
+      <div class="hidden grid grid-cols-1 gap-6" data-tabs-target="panel">
+        <%= render AppInfoComponent.new(
+          name: "kosmos.social",
+          description: "The official Web app",
+          icon_path: "/img/logos/icon_mastodon-2.svg",
+          links: [
+            ["Launch", "https://kosmos.social"]
+          ]
+        ) %>
+        <%= render AppInfoComponent.new(
+          name: "Elk",
+          description: " A nimble Mastodon web client",
+          icon_path: "/img/logos/icon_elk.svg",
+          links: [
+            ["Launch", "https://elk.zone"],
+            ["GitHub", "https://github.com/elk-zone/elk"]
+          ]
+        ) %>
+        <%= render AppInfoComponent.new(
+          name: "Sengi",
+          description: "A cross-platform app, inspired by TweetDeck",
+          icon_path: "/img/logos/icon_sengi.png",
+          links: [
+            ["Website", "https://nicolasconstant.github.io/sengi/"],
+            ["GitHub", "https://github.com/NicolasConstant/sengi"]
+          ]
+        ) %>
+      </div>
+      <div class="hidden grid grid-cols-1 gap-6" data-tabs-target="panel">
+        <%= render AppInfoComponent.new(
+          name: "Mastodon for Android",
+          description: "Android client by the Mastodon core team",
+          icon_path: "/img/logos/icon_mastodon-2.svg",
+          links: [
+            ["Website", "https://joinmastodon.org/apps"],
+            ["Google Play", "https://play.google.com/store/apps/details?id=org.joinmastodon.android"]
+          ]
+        ) %>
+        <%= render AppInfoComponent.new(
+          name: "Fedilab",
+          description: "Android client with many features",
+          icon_path: "/img/logos/icon_fedilab.png",
+          links: [
+            ["Website", "https://fedilab.app"],
+            ["Google Play", "https://play.google.com/store/apps/details?id=app.fedilab.android"],
+            ["F-Droid", "https://f-droid.org/packages/fr.gouv.etalab.mastodon"],
+          ]
+        ) %>
+        <%= render AppInfoComponent.new(
+          name: "Megalodon",
+          description: "A popular fork of the official Android app",
+          icon_path: "/img/logos/icon_megalodon.png",
+          icon_fill_box: true,
+          links: [
+            ["Website", "https://sk22.github.io/megalodon/"],
+            ["Google Play", "https://play.google.com/store/apps/details?id=org.joinmastodon.android.sk"]
+          ]
+        ) %>
+      </div>
+      <div class="hidden grid grid-cols-1 gap-6" data-tabs-target="panel">
+        <%= render AppInfoComponent.new(
+          name: "Mastodon for iOS",
+          description: "iOS client by the Mastodon core team",
+          icon_path: "/img/logos/icon_mastodon-2.svg",
+          links: [
+            ["Website", "https://joinmastodon.org/apps"],
+            ["App Store", "https://apps.apple.com/us/app/mastodon-for-iphone/id1571998974"]
+          ]
+        ) %>
+        <%= render AppInfoComponent.new(
+          name: "Ice Cubes",
+          description: "Slick, fast, open source, and with customizable UI",
+          icon_path: "/img/logos/icon_icecubes.png",
+          icon_fill_box: true,
+          links: [
+            ["App Store", "https://apps.apple.com/us/app/ice-cubes-for-mastodon/id6444915884"],
+            ["GitHub", "https://github.com/Dimillian/IceCubesApp"]
+          ]
+        ) %>
+        <%= render AppInfoComponent.new(
+          name: "Mammoth",
+          description: " Powerful, fast, feature-rich",
+          icon_path: "/img/logos/icon_mammoth.png",
+          links: [
+            ["Website", "https://getmammoth.app/"],
+            ["App Store", "https://apps.apple.com/app/mammoth-for-mastodon/id1667573899"]
+          ]
+        ) %>
+      </div>
+      <div class="hidden grid grid-cols-1 gap-6" data-tabs-target="panel">
+        <%= render AppInfoComponent.new(
+          name: "Tuba",
+          description: "A simple, fast Mastodon app for Linux (good on GNOME)",
+          icon_path: "/img/logos/icon_tuba.svg",
+          links: [
+            ["Website", "https://tuba.geopjr.dev"],
+            ["Flathub", "https://flathub.org/apps/dev.geopjr.Tuba"],
+          ]
+        ) %>
+      </div>
+      <div class="hidden grid grid-cols-1 gap-6" data-tabs-target="panel">
+        <%= render AppInfoComponent.new(
+          name: "Sengi",
+          description: "A cross-platform app, inspired by TweetDeck",
+          icon_path: "/img/logos/icon_sengi.png",
+          links: [
+            ["Website", "https://nicolasconstant.github.io/sengi/"],
+            ["GitHub", "https://github.com/NicolasConstant/sengi"]
+          ]
+        ) %>
+      </div>
+      <div class="hidden grid grid-cols-1 gap-6" data-tabs-target="panel">
+        <%= render AppInfoComponent.new(
+          name: "Mastonaut",
+          description: "Simple, elegant, and native Mastodon client for Mac",
+          icon_path: "/img/logos/icon_mastonaut.png",
+          links: [
+            ["Launch", "https://www.mastonaut.app"],
+            ["Mac App Store", "https://apps.apple.com/app/mastonaut/id1450757574"]
+          ]
+        ) %>
+      </div>
+    </div>
+  </section>
+<% end %>

app/views/settings/_account.html.erb

@@ -13,13 +13,13 @@
             'settings--account--email-target': 'emailField'
           }, required: true %>
       <button type="button" id="edit-email"
-              class="btn-md btn-icon btn-blue shrink-0 hidden initial-visible"
+              class="btn-md btn-icon btn-outline shrink-0 hidden initial-visible"
               data-settings--account--email-target="editEmailButton"
               data-action="settings--account--email#editEmail"
               title="Edit email address">
         <span class="">
           <%= render partial: "icons/edit-3", locals: {
-                custom_class: "text-white h-4 w-4 inline" } %>
+                custom_class: "text-blue-600 h-4 w-4 inline" } %>
         </span>
       </button>
     </p>

app/views/settings/_experiments.html.erb

@@ -0,0 +1,89 @@
+<section>
+  <h3>Nostr</h3>
+  <h4 class="mb-0">Public Key</h4>
+  <div data-controller="settings--nostr-pubkey"
+       data-settings--nostr-pubkey-user-address-value="<%= current_user.address %>"
+       data-settings--nostr-pubkey-shared-secret-value="<%= session[:shared_secret] %>"
+       data-settings--nostr-pubkey-pubkey-hex-value="<%= current_user.nostr_pubkey %>">
+
+    <p class="<%= current_user.nostr_pubkey.present? ? '' : 'hidden' %> mt-2 flex gap-1">
+      <input type="text" value="<%= current_user.nostr_pubkey %>" disabled
+             data-settings--nostr-pubkey-target="pubkeyBech32Input"
+             name="nostr_public_key" class="relative grow" />
+      <%= link_to nostr_pubkey_settings_path,
+            class: 'btn-md btn-outline text-red-700 relative shrink-0',
+            data: { turbo_method: :delete, turbo_confirm: 'Are you sure?' } do %>
+        Remove
+      <% end %>
+    </p>
+
+    <% if current_user.nostr_pubkey.present? %>
+    <div class="rounded-md bg-blue-50 p-4">
+      <div class="flex">
+        <div class="flex-shrink-0">
+          <svg class="h-5 w-5 text-blue-400" viewBox="0 0 20 20" fill="currentColor" aria-hidden="true">
+            <path fill-rule="evenodd" d="M18 10a8 8 0 11-16 0 8 8 0 0116 0zm-7-4a1 1 0 11-2 0 1 1 0 012 0zM9 9a.75.75 0 000 1.5h.253a.25.25 0 01.244.304l-.459 2.066A1.75 1.75 0 0010.747 15H11a.75.75 0 000-1.5h-.253a.25.25 0 01-.244-.304l.459-2.066A1.75 1.75 0 009.253 9H9z" clip-rule="evenodd" />
+          </svg>
+        </div>
+        <div class="ml-3 flex-1">
+          <p class="text-sm text-blue-800">
+            Your user address <strong><%= current_user.address %></strong> is
+            also a Nostr address now. Use your favorite Nostr app, or for
+            example <a href="http://metadata.nostr.com" target="_blank"
+              class="underline">metadata.nostr.com</a>, to add this
+            <strong>NIP-05</strong> address to your public profile.
+          </p>
+        </div>
+      </div>
+    </div>
+    <% else %>
+    <p class="my-4">
+      If you use any apps on the Nostr network, you can verify your public key
+      with us in order to enable Nostr-specific features for your account.
+    </p>
+    <% end %>
+
+    <div data-settings--nostr-pubkey-target="noExtension"
+         class="hidden rounded-md bg-blue-50 p-4">
+      <div class="flex">
+        <div class="flex-shrink-0">
+          <svg class="h-5 w-5 text-blue-400" viewBox="0 0 20 20" fill="currentColor" aria-hidden="true">
+            <path fill-rule="evenodd" d="M18 10a8 8 0 11-16 0 8 8 0 0116 0zm-7-4a1 1 0 11-2 0 1 1 0 012 0zM9 9a.75.75 0 000 1.5h.253a.25.25 0 01.244.304l-.459 2.066A1.75 1.75 0 0010.747 15H11a.75.75 0 000-1.5h-.253a.25.25 0 01-.244-.304l.459-2.066A1.75 1.75 0 009.253 9H9z" clip-rule="evenodd" />
+          </svg>
+        </div>
+        <div class="ml-3">
+          <h3 class="mb-0 text-sm font-bold text-blue-800">
+            No browser extension found
+          </h3>
+          <div class="mt-2 mb-0 text-sm text-blue-800">
+            <p>
+              We recommend Alby, which you can also use for your Lightning
+              Wallet.
+            </p>
+          </div>
+          <div class="mt-4">
+            <div class="-mx-2 -my-1.5 flex">
+              <a href="https://getalby.com" target="_blank"
+                 class="rounded-md bg-blue-50 px-2 py-1.5 text-sm
+                        font-bold text-blue-800 hover:bg-blue-100
+                        focus:outline-none focus:ring-2 focus:ring-blue-600
+                        focus:ring-offset-2 focus:ring-offset-blue-50">
+                Get Alby
+              </a>
+            </div>
+          </div>
+        </div>
+      </div>
+    </div>
+
+    <% unless current_user.nostr_pubkey.present? %>
+    <p class="mt-8">
+      <button class="btn-md btn-gray w-full sm:w-auto" disabled
+              data-settings--nostr-pubkey-target="setPubkey"
+              data-action="settings--nostr-pubkey#setPubkey">
+        Get public key from browser extension
+      </button>
+    </p>
+    <% end %>
+  </div>
+</section>

app/views/settings/_profile.html.erb

@@ -7,14 +7,14 @@
     <input type="text" id="user_address" class="grow"
            value=<%= @user.address %> disabled="disabled"
            data-clipboard-target="source" />
-    <button id="copy-user-address" class="btn-md btn-icon btn-blue shrink-0"
+    <button id="copy-user-address" class="btn-md btn-icon btn-outline shrink-0"
             data-clipboard-target="trigger" data-action="clipboard#copy"
             title="Copy to clipboard">
       <span class="content-initial">
-        <%= render partial: "icons/copy", locals: { custom_class: "text-white h-4 w-4 inline" } %>
+        <%= render partial: "icons/copy", locals: { custom_class: "text-blue-600  h-4 w-4 inline" } %>
       </span>
       <span class="content-active hidden">
-        <%= render partial: "icons/check", locals: { custom_class: "text-white h-4 w-4 inline" } %>
+        <%= render partial: "icons/check", locals: { custom_class: "text-blue-600  h-4 w-4 inline" } %>
       </span>
     </button>
   </p>

app/views/shared/_admin_sidenav_settings_services.html.erb

@@ -5,6 +5,13 @@
   icon: Setting.discourse_enabled? ? "check" : "x",
   active: current_page?(admin_settings_services_path(params: { s: "discourse" })),
 ) %>
+<%= render SidenavLinkComponent.new(
+  level: 2,
+  name: "Drone CI",
+  path: admin_settings_services_path(params: { s: "droneci" }),
+  icon: Setting.droneci_enabled? ? "check" : "x",
+  active: current_page?(admin_settings_services_path(params: { s: "droneci" })),
+) %>
 <%= render SidenavLinkComponent.new(
   level: 2,
   name: "ejabberd",

app/views/shared/_sidenav_settings.html.erb

@@ -18,3 +18,9 @@
   active: @settings_section.to_s == "lightning"
 ) %>
 <% end %>
+<% if Setting.nostr_enabled %>
+<%= render SidenavLinkComponent.new(
+  name: "Experiments", path: setting_path(:experiments), icon: "science",
+  active: @settings_section.to_s == "experiments"
+) %>
+<% end %>

app/views/shared/status_bad_request.html.erb

@@ -0,0 +1,6 @@
+<%= render HeaderCompactComponent.new(title: "404") %>
+
+<%= render MainCompactComponent.new do %>
+  <h2>Bad request</h2>
+  <p>Please go back and try again.</p>
+<% end %>

app/views/signup/steps.html.erb

@@ -10,7 +10,7 @@
           <%= f.text_field :cn, autofocus: true, autocomplete: "username",
                                 required: true, class: "relative grow text-xl"%>
           <span class="relative shrink-0 text-gray-500 md:text-xl">
-            @ kosmos.org
+            @ <%= Setting.primary_domain %>
           </span>
         </p>
       </div>

bin/importmap

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+
+require_relative "../config/application"
+require "importmap/commands"

config/importmap.rb

@@ -5,3 +5,5 @@ pin "@hotwired/turbo-rails", to: "turbo.min.js", preload: true
 pin "@hotwired/stimulus", to: "stimulus.min.js", preload: true
 pin "@hotwired/stimulus-loading", to: "stimulus-loading.js", preload: true
 pin_all_from "app/javascript/controllers", under: "controllers"
+pin "bech32" # @2.0.0
+pin "tailwindcss-stimulus-components" # @4.0.3

config/routes.rb

@@ -21,17 +21,24 @@ Rails.application.routes.draw do
   namespace :services do
     get 'storage', to: 'remotestorage#dashboard'
 
+    resource :chat, only: [:show], controller: 'chat'
+
     resources :lightning, only: [:index] do
       collection do
         get 'transactions'
+        get 'qr_lnurlp'
       end
     end
+
+    resource :mastodon, only: [:show], controller: 'mastodon'
   end
 
   resources :settings, param: 'section', only: ['index', 'show', 'update'] do
     collection do
       post 'update_email'
       post 'reset_password'
+      post 'set_nostr_pubkey'
+      delete 'nostr_pubkey', to: 'settings#remove_nostr_pubkey'
     end
   end
 
@@ -42,6 +49,8 @@ Rails.application.routes.draw do
   get 'keysend/:address', to: 'lnurlpay#keysend',
     as: 'lightning_address_keysend', constraints: { address: /[^\/]+/}
 
+  get '.well-known/nostr', to: 'well_known#nostr'
+
   post 'webhooks/lndhub', to: 'webhooks#lndhub'
 
   namespace :api do
@@ -61,7 +70,14 @@ Rails.application.routes.draw do
     end
   end
 
-  get ".well-known/webfinger", to: 'webfinger#show'
+  namespace :rs do
+    resource :oauth, only: [:new, :create], path_names: {
+      new: ':useraddress', create: ':useraddress'
+    }, controller: 'oauth', constraints: { useraddress: /[^\/]+/}
+    get 'oauth/token/:id/launch_app' => 'oauth#launch_app', as: :launch_app
+  end
+
+  get '.well-known/webfinger', to: 'webfinger#show'
 
   namespace :discourse do
     get "connect", to: 'sso#connect'

db/migrate/20230304155240_add_nostr_pubkey_to_users.rb

@@ -0,0 +1,5 @@
+class AddNostrPubkeyToUsers < ActiveRecord::Migration[7.0]
+  def change
+    add_column :users, :nostr_pubkey, :string
+  end
+end

db/migrate/20230312212030_create_remote_storage_authorizations.rb

@@ -0,0 +1,20 @@
+class CreateRemoteStorageAuthorizations < ActiveRecord::Migration[7.0]
+  def change
+    db_type = ActiveRecord::Base.configurations.find_db_config(Rails.env).adapter
+    array_default = db_type == "postgresql" ? [] : [].to_yaml
+
+    create_table :remote_storage_authorizations do |t|
+      t.references :user, null: false, foreign_key: true
+      t.string :token
+      t.text :permissions, array: true, default: array_default
+      t.string :client_id
+      t.string :redirect_uri
+      t.string :app_name
+      t.datetime :expire_at
+
+      t.timestamps
+    end
+
+    add_index :remote_storage_authorizations, :permissions, using: 'gin'
+  end
+end

db/schema.rb

@@ -50,6 +50,20 @@ ActiveRecord::Schema[7.0].define(version: 2023_05_23_120753) do
     t.index ["user_id"], name: "index_invitations_on_user_id"
   end
 
+  create_table "remote_storage_authorizations", force: :cascade do |t|
+    t.integer "user_id", null: false
+    t.string "token"
+    t.text "permissions", default: "--- []\n"
+    t.string "client_id"
+    t.string "redirect_uri"
+    t.string "app_name"
+    t.datetime "expire_at"
+    t.datetime "created_at", null: false
+    t.datetime "updated_at", null: false
+    t.index ["permissions"], name: "index_remote_storage_authorizations_on_permissions"
+    t.index ["user_id"], name: "index_remote_storage_authorizations_on_user_id"
+  end
+
   create_table "settings", force: :cascade do |t|
     t.string "var", null: false
     t.text "value"
@@ -70,7 +84,6 @@ ActiveRecord::Schema[7.0].define(version: 2023_05_23_120753) do
     t.datetime "confirmed_at", precision: nil
     t.datetime "confirmation_sent_at", precision: nil
     t.string "unconfirmed_email"
-    t.text "ln_login_ciphertext"
     t.text "ln_password_ciphertext"
     t.string "ln_account"
     t.string "nostr_pubkey"
@@ -81,4 +94,5 @@ ActiveRecord::Schema[7.0].define(version: 2023_05_23_120753) do
     t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true
   end
 
+  add_foreign_key "remote_storage_authorizations", "users"
 end

docker-compose.yml

@@ -12,57 +12,62 @@ services:
       DS_DM_PASSWORD: passthebutter
       SUFFIX_NAME: "dc=kosmos,dc=org"
 
-  # redis:
-  #   restart: always
-  #   image: redis:7-alpine
-  #   networks:
-  #     - internal_network
-  #   healthcheck:
-  #     test: ['CMD', 'redis-cli', 'ping']
-  #   volumes:
-  #     - ./tmp/redis:/data
+  redis:
+    restart: always
+    image: redis:7-alpine
+    networks:
+      - internal_network
+    healthcheck:
+      test: ['CMD', 'redis-cli', 'ping']
+    volumes:
+      - ./tmp/redis:/data
 
-  # web:
-  #   build: .
-  #   tty: true
-  #   command: bash -c "rm -f /akkounts/tmp/pids/server.pid; bin/dev"
-  #   volumes:
-  #     - .:/akkounts
-  #   networks:
-  #     - external_network
-  #     - internal_network
-  #   ports:
-  #     - "3000:3000"
-  #   environment:
-  #     RAILS_ENV: development
-  #     REDIS_URL: redis://redis:6379/0
-  #     LDAP_HOST: ldap
-  #     LDAP_PORT: 3389
-  #     LDAP_ADMIN_PASSWORD: passthebutter
-  #     LDAP_USE_TLS: "false"
-  #   depends_on:
-  #     - ldap
-  #     - redis
+  web:
+    build: .
+    tty: true
+    command: bash -c "rm -f /akkounts/tmp/pids/server.pid; bin/dev"
+    volumes:
+      - .:/akkounts
+      - /akkounts/node_modules
+    networks:
+      - external_network
+      - internal_network
+    ports:
+      - "3000:3000"
+    environment:
+      RAILS_ENV: development
+      PRIMARY_DOMAIN: kosmos.org
+      REDIS_URL: redis://redis:6379/0
+      RS_REDIS_URL: redis://redis:6379/1
+      LDAP_HOST: ldap
+      LDAP_PORT: 3389
+      LDAP_ADMIN_PASSWORD: passthebutter
+      LDAP_USE_TLS: "false"
+    depends_on:
+      - ldap
+      - redis
 
-  # sidekiq:
-  #   build: .
-  #   command: bash -c "bundle exec sidekiq -C config/sidekiq.yml"
-  #   volumes:
-  #     - .:/akkounts
-  #   networks:
-  #     - internal_network
-  #   environment:
-  #     RAILS_ENV: development
-  #     REDIS_URL: redis://redis:6379/0
-  #     LDAP_HOST: ldap
-  #     LDAP_PORT: 3389
-  #     LDAP_ADMIN_PASSWORD: passthebutter
-  #     LDAP_USE_TLS: "false"
-  #     LAUNCHY_DRY_RUN: true
-  #     BROWSER: /dev/null
-  #   depends_on:
-  #     - ldap
-  #     - redis
+  sidekiq:
+    build: .
+    command: bash -c "bundle exec sidekiq -C config/sidekiq.yml"
+    volumes:
+      - .:/akkounts
+    networks:
+      - internal_network
+    environment:
+      RAILS_ENV: development
+      PRIMARY_DOMAIN: kosmos.org
+      REDIS_URL: redis://redis:6379/0
+      RS_REDIS_URL: redis://redis:6379/1
+      LDAP_HOST: ldap
+      LDAP_PORT: 3389
+      LDAP_ADMIN_PASSWORD: passthebutter
+      LDAP_USE_TLS: "false"
+      LAUNCHY_DRY_RUN: true
+      BROWSER: /dev/null
+    depends_on:
+      - ldap
+      - redis
 
   # phpldapadmin:
   #   image: osixia/phpldapadmin:0.9.0

package.json

@@ -11,7 +11,7 @@
     "postcss-preset-env": "^7.8.3",
     "tailwindcss": "^3.2.4"
   },
-  "version": "0.6.0",
+  "version": "0.8.1",
   "scripts": {
     "build:css:tailwind": "tailwindcss --postcss -i ./app/assets/stylesheets/application.tailwind.css -o ./app/assets/builds/application.css",
     "build:css": "yarn run build:css:tailwind"

public/img/logos/icon_elk.svg

@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+   width="250"
+   height="250"
+   fill="none"
+   version="1.1"
+   id="svg30"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:svg="http://www.w3.org/2000/svg">
+  <defs
+     id="defs34" />
+  <mask
+     id="a"
+     width="240"
+     height="234"
+     x="4"
+     y="1"
+     maskUnits="userSpaceOnUse"
+     style="mask-type:alpha">
+    <path
+       fill="white"
+       d="M244 123c0 64.617-38.383 112-103 112-64.617 0-103-30.883-103-95.5C38 111.194-8.729 36.236 8 16 29.46-9.959 88.689 6 125 6c64.617 0 119 52.383 119 117Z"
+       id="path19" />
+  </mask>
+  <g
+     mask="url(#a)"
+     id="g28"
+     transform="matrix(0.90923731,0,0,1.0049564,13.520015,-3.1040835)">
+    <path
+       fill="#ea9e44"
+       d="m 116.94,88.1 c -13.344,1.552 -20.436,-2.019 -24.706,10.71 0,0 14.336,21.655 52.54,21.112 -2.135,8.848 -1.144,15.368 -1.144,23.207 0,26.079 -20.589,48.821 -65.961,48.821 -23.03,0 -51.015,4.191 -72.367,15.911 -15.175,8.305 -27.048,20.336 -32.302,37.023 l 5.956,8.461 11.4,0.155 v 47.889 l -13.91,21.966 3.998,63.645 H -6.364 L -5.22,335.773 C 1.338,331.892 16.36,321.802 29.171,306.279 46.557,285.4 59.902,255.052 44.193,217.486 l 11.744,-5.045 c 12.887,30.814 8.388,57.514 -2.898,79.013 21.58,-0.698 40.11,-2.095 55.819,-4.734 l -3.584,-43.698 12.659,-1.087 L 129.98,387 h 13.116 l 2.212,-94.459 c 10.447,-4.502 34.239,-21.034 45.372,-78.47 1.372,-6.986 2.135,-12.885 2.516,-17.93 1.754,-12.806 2.745,-27.243 3.051,-43.698 l -18.683,-5.976 h 57.42 l 5.567,-12.807 c -5.414,0.233 -11.896,-2.639 -11.896,-2.639 l 1.297,-6.209 H 242 L 176.801,90.428 c -7.244,2.794 -14.87,6.442 -20.208,10.866 -4.27,-3.105 -19.063,-12.807 -39.653,-13.195 z"
+       id="path22" />
+    <path
+       fill="#c16929"
+       d="M 6.217,24.493 18.494,21 c 5.948,21.577 13.345,33.375 22.648,39.352 8.388,5.099 19.75,5.239 31.799,4.579 C 69.433,63.767 66.154,62.137 63.104,59.886 56.317,54.841 50.522,46.458 46.175,31.246 l 12.201,-3.649 c 3.279,11.488 7.092,18.085 12.201,21.888 5.11,3.726 11.286,4.657 18.606,5.433 13.726,1.553 30.884,2.174 52.312,12.264 2.898,1.086 5.872,2.483 8.769,4.036 -0.381,-0.776 -0.762,-1.553 -1.296,-2.406 -3.66,-5.822 -10.828,-11.953 -24.097,-16.92 l 4.27,-12.109 c 21.581,7.917 30.121,19.171 33.553,28.097 3.965,10.168 1.525,18.124 1.525,18.124 -3.05,1.009 -6.1,2.406 -9.608,3.492 -6.634,-4.579 -12.887,-8.033 -18.835,-10.75 C 113.814,70.442 92.31,76.108 73.246,77.893 58.91,79.213 45.794,78.591 34.432,71.295 23.222,64.155 13.385,50.495 6.217,24.493 Z"
+       id="path24" />
+    <path
+       fill="#c16929"
+       d="M 90.098,45.294 C 87.582,39.55 86.057,32.487 86.743,23.794 l 12.659,0.932 c -0.763,10.555 2.897,17.696 7.015,22.353 -5.338,-0.931 -10.447,-1.04 -16.319,-1.785 z m 80.069,-1.32 8.312,-9.702 c 21.58,19.094 8.159,46.415 8.159,46.415 l -11.819,-1.32 c -0.382,-6.24 -1.144,-17.836 -6.635,-24.371 3.584,1.84 6.635,3.865 9.99,6.908 0,-5.666 -1.754,-12.341 -8.007,-17.93 z"
+       id="path26" />
+  </g>
+</svg>

public/img/logos/icon_kaidan.svg

@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" height="256.39" width="256.39"><defs><radialGradient xlink:href="#b" id="g" cx="97.347" cy="925.562" fx="97.347" fy="925.562" r="59.347" gradientTransform="matrix(0 .94357 -2.19206 0 2158.799 18.862)" gradientUnits="userSpaceOnUse"/><radialGradient xlink:href="#b" id="h" gradientUnits="userSpaceOnUse" gradientTransform="matrix(0 .8425 -1.93775 0 1946.71 -14.002)" cx="95.806" cy="937.536" fx="95.806" fy="937.536" r="59.347"/><radialGradient id="a" gradientUnits="userSpaceOnUse" cy="256" cx="256" gradientTransform="matrix(2.2585 .02063 -.02134 2.336 -316.73 -347.29)" r="249.14"><stop stop-color="#30c357" offset="0"/><stop offset=".5" stop-color="#2cb465"/><stop stop-color="#32a482" offset="1"/></radialGradient><radialGradient xlink:href="#b" id="f" cx="88.754" cy="123.035" fx="88.754" fy="123.035" r="78.3" gradientTransform="matrix(.02885 1.09003 -1.35878 .03597 300.127 33.098)" gradientUnits="userSpaceOnUse"/><linearGradient id="b"><stop offset="0" stop-opacity=".416"/><stop offset="1" stop-opacity="0"/></linearGradient><linearGradient xlink:href="#a" id="e" gradientUnits="userSpaceOnUse" x1="127.988" y1="808.969" x2="127.988" y2="1033.499" gradientTransform="translate(18.596 -806.496) scale(1.011)"/><linearGradient xlink:href="#a" id="d" gradientUnits="userSpaceOnUse" x1="127.988" y1="808.969" x2="127.988" y2="1033.499" gradientTransform="translate(18.596 -806.496) scale(1.011)"/><filter id="c" x="-.041" width="1.082" y="-.04" height="1.081" color-interpolation-filters="sRGB"><feGaussianBlur stdDeviation="3.891"/></filter></defs><g transform="translate(82 -2.286)" opacity=".512" fill-opacity=".509" filter="url(#c)"><path d="M47.992 16.371c-62.684 0-113.5 50.816-113.5 113.5 0 15.92 3.284 31.071 9.201 44.822 2.875 7.87 5.724 15.722 6.72 22.264 1.01 6.646.108 11.944-1.16 15.361-1.266 3.418-2.901 4.955-4.165 8.502-1.264 3.548-2.155 9.106.775 13.319 2.93 4.213 9.68 7.08 22.17 9.277 12.49 2.197 30.725 3.719 46.623 3.719 15.899 0 29.471-1.536 39.037-2.932 8.418-1.228 13.704-2.35 18.643-3.459.557-.122 1.114-.241 1.668-.37l.363-.083-.01-.006c49.969-11.888 87.135-56.807 87.135-110.414 0-62.684-50.816-113.5-113.5-113.5z" fill-opacity="1" paint-order="stroke fill markers"/></g><g fill="#1f6d52"><path d="M241.492 125.586c0 62.684-50.816 113.5-113.5 113.5s-113.5-50.816-113.5-113.5 50.816-113.5 113.5-113.5 113.5 50.816 113.5 113.5z" paint-order="stroke fill markers"/><path d="M154.368 236.005c-5.556 1.258-11.108 2.516-20.674 3.912-9.566 1.397-23.139 2.93-39.037 2.933-15.899 0-34.133-1.524-46.623-3.72-12.49-2.197-19.241-5.064-22.171-9.277-2.93-4.213-2.038-9.77-.774-13.318 1.263-3.548 2.898-5.086 4.165-8.503 1.268-3.418 2.168-8.716 1.158-15.361-1.011-6.646-3.932-14.64-6.853-22.634"/></g><path d="M261.492 124.872c0 62.684-50.816 113.5-113.5 113.5s-113.5-50.816-113.5-113.5c0-62.685 50.816-113.5 113.5-113.5s113.5 50.815 113.5 113.5z" fill="url(#d)" paint-order="stroke fill markers" transform="translate(-20 -4.286)"/><path d="M174.368 235.29c-5.556 1.26-11.108 2.517-20.674 3.913-9.566 1.396-23.139 2.93-39.037 2.933-15.899 0-34.133-1.524-46.623-3.72-12.49-2.197-19.241-5.064-22.101-8.228-2.86-3.163-1.828-6.622-.565-10.17 1.264-3.547 2.759-7.184 3.956-11.651 1.198-4.467 2.098-9.765 1.088-16.41-1.011-6.646-3.932-14.64-6.853-22.635" fill="url(#e)" transform="translate(-20 -4.286)"/><path d="M188.207 160.324l-82.176 19.83-19.979-20.038S72.97 173.377 67.98 179.894l46.02 46.82 14.242 7.371c10.099-1.39 19.726-3.117 28.797-5.267.013 0 .026-.01.04-.01 27.199-7.275 48.656-19.338 63.52-36.12z" fill="url(#f)"/><path d="M205.473 113.95L49.639 132.596l30 30 147.375 21.975c7.02-9.995 12.02-21.406 14.867-34.211z" fill="url(#g)"/><path d="M188.46 68.752l45 45-142.557-2.826-24-24z" fill="url(#h)"/><g transform="translate(-88.78 -687.44) scale(1.011)" fill="#c1ede5"><rect x="150.87" y="744.15" width="127.26" height="26.476" ry="13.238" rx="13.238"/><rect x="133.62" y="789.12" width="161.61" height="26.476" ry="13.238" rx="13.238"/><rect x="186.23" y="834.92" width="91.833" height="26.476" ry="13.238" rx="13.238"/><rect x="150.8" y="834.92" width="26.476" height="26.476" ry="13.238" rx="13.238"/></g></svg>

public/img/logos/icon_mastodon-2.svg

@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+   width="100"
+   height="100"
+   viewBox="0 0 100 100"
+   fill="none"
+   version="1.1"
+   id="svg13"
+   sodipodi:docname="icon_mastodon-2.svg"
+   inkscape:version="1.2.2 (b0a8486541, 2022-12-01)"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:svg="http://www.w3.org/2000/svg">
+  <sodipodi:namedview
+     id="namedview15"
+     pagecolor="#ffffff"
+     bordercolor="#666666"
+     borderopacity="1.0"
+     inkscape:showpageshadow="2"
+     inkscape:pageopacity="0.0"
+     inkscape:pagecheckerboard="0"
+     inkscape:deskcolor="#d1d1d1"
+     showgrid="false"
+     inkscape:zoom="10.329114"
+     inkscape:cx="25.849265"
+     inkscape:cy="39.548407"
+     inkscape:window-width="1663"
+     inkscape:window-height="749"
+     inkscape:window-x="50"
+     inkscape:window-y="118"
+     inkscape:window-maximized="0"
+     inkscape:current-layer="svg13" />
+  <a
+     id="a300"
+     transform="translate(12.930783,10.499984)">
+    <path
+       d="M 73.8393,17.4898 C 72.6973,9.00165 65.2994,2.31235 56.5296,1.01614 55.05,0.797115 49.4441,0 36.4582,0 h -0.097 C 23.3717,0 20.585,0.797115 19.1054,1.01614 10.5798,2.27644 2.79399,8.28712 0.904997,16.8758 -0.00358524,21.1056 -0.100549,25.7949 0.0682394,30.0965 0.308852,36.2651 0.355538,42.423 0.91577,48.5665 c 0.3873,4.0809 1.06295,8.1292 2.02186,12.1147 1.79562,7.3608 9.06427,13.4864 16.18567,15.9854 7.6245,2.6062 15.8241,3.0389 23.6806,1.2496 0.8643,-0.2011 1.7178,-0.4345 2.5606,-0.7002 1.9105,-0.6068 4.1478,-1.2855 5.7926,-2.4775 0.0226,-0.0168 0.0411,-0.0384 0.0541,-0.0632 0.0131,-0.0249 0.0204,-0.0524 0.0213,-0.0805 v -5.9532 c -4e-4,-0.0262 -0.0066,-0.052 -0.0183,-0.0755 -0.0117,-0.0235 -0.0284,-0.0441 -0.0491,-0.0603 -0.0207,-0.0162 -0.0447,-0.0275 -0.0703,-0.0332 -0.0256,-0.0057 -0.0522,-0.0056 -0.0777,3e-4 -5.0336,1.2021 -10.1917,1.8048 -15.3669,1.7953 -8.9063,0 -11.3016,-4.2262 -11.9876,-5.9856 -0.5513,-1.5206 -0.9014,-3.1067 -1.0414,-4.718 -0.0015,-0.0271 0.0035,-0.0541 0.0145,-0.0789 0.0109,-0.0248 0.0276,-0.0466 0.0486,-0.0637 0.021,-0.0172 0.0457,-0.0291 0.0722,-0.0349 0.0265,-0.0058 0.0539,-0.0053 0.0802,0.0015 4.9497,1.194 10.0237,1.7967 15.1155,1.7953 1.2246,0 2.4456,0 3.6702,-0.0323 5.1211,-0.1436 10.5187,-0.4057 15.5572,-1.3895 0.1257,-0.0252 0.2514,-0.0467 0.3591,-0.079 7.9474,-1.5261 15.5106,-6.3159 16.2791,-18.445 0.0287,-0.4775 0.1006,-5.0017 0.1006,-5.4972 0.0035,-1.684 0.5422,-11.946 -0.0791,-18.2511 z"
+       fill="url(#paint0_linear_549_34)"
+       id="path2"
+       style="fill:url(#paint0_linear_549_34)" />
+    <path
+       d="M 61.2484,27.0263 V 48.114 H 52.8916 V 27.6475 c 0,-4.3087 -1.7956,-6.5062 -5.4479,-6.5062 -4.015,0 -6.026,2.5996 -6.026,7.7342 V 40.0782 H 33.1111 V 28.8755 c 0,-5.1346 -2.0146,-7.7342 -6.0296,-7.7342 -3.6308,0 -5.4444,2.1975 -5.4444,6.5062 V 48.114 H 13.2839 V 27.0263 c 0,-4.3087 1.1001,-7.7317 3.3004,-10.2691 2.2696,-2.5314 5.2468,-3.8312 8.9421,-3.8312 4.2772,0 7.5093,1.6445 9.6641,4.9299 l 2.0793,3.4901 2.0829,-3.4901 c 2.1547,-3.2854 5.3868,-4.9299 9.6568,-4.9299 3.6918,0 6.6689,1.2998 8.9458,3.8312 2.1978,2.535 3.2955,5.958 3.2931,10.2691 z"
+       fill="#ffffff"
+       id="path4" />
+  </a>
+  <defs
+     id="defs11">
+    <linearGradient
+       id="paint0_linear_549_34"
+       x1="37.069199"
+       y1="0"
+       x2="37.069199"
+       y2="79"
+       gradientUnits="userSpaceOnUse">
+      <stop
+         stop-color="#6364FF"
+         id="stop6" />
+      <stop
+         offset="1"
+         stop-color="#563ACC"
+         id="stop8" />
+    </linearGradient>
+  </defs>
+</svg>